Mercurial > libervia-backend
comparison tests/e2e/libervia-cli/test_libervia-cli.py @ 3974:5e3b983ab2c6
tests (e2e/cli): test for Pubsub Targeted Encryption:
rel 382
| author | Goffi <goffi@goffi.org> |
|---|---|
| date | Mon, 31 Oct 2022 13:48:31 +0100 |
| parents | 9b1d74a6b48c |
| children | 524856bd7b19 |
comparison
equal
deleted
inserted
replaced
| 3973:570254d5a798 | 3974:5e3b983ab2c6 |
|---|---|
| 24 import sh | 24 import sh |
| 25 from sh import li | 25 from sh import li |
| 26 | 26 |
| 27 import pytest | 27 import pytest |
| 28 from sat.plugins.plugin_sec_oxps import NS_OXPS | 28 from sat.plugins.plugin_sec_oxps import NS_OXPS |
| 29 from sat.plugins.plugin_sec_pte import NS_PTE | |
| 29 from sat.plugins.plugin_xep_0277 import NS_ATOM | 30 from sat.plugins.plugin_xep_0277 import NS_ATOM |
| 30 from sat.tools.common import uri | 31 from sat.tools.common import uri |
| 31 | 32 |
| 32 | 33 |
| 33 if os.getenv("LIBERVIA_TEST_ENV_E2E") is None: | 34 if os.getenv("LIBERVIA_TEST_ENV_E2E") is None: |
| 392 shutil.rmtree(dest_path) | 393 shutil.rmtree(dest_path) |
| 393 send_cmd.wait() | 394 send_cmd.wait() |
| 394 | 395 |
| 395 assert source_file_hash == dest_file_hash | 396 assert source_file_hash == dest_file_hash |
| 396 li.encryption.stop("account1@server2.test") | 397 li.encryption.stop("account1@server2.test") |
| 398 | |
| 399 def test_pubsub_targeted_encryption_pte(self, li_elt): | |
| 400 """An item is encrypted for specific recipients""" | |
| 401 secret_blog = "this is a secret blog post" | |
| 402 node = "e2ee_blog" | |
| 403 item = "test_pte" | |
| 404 li.encryption.start("account1@server2.test", name="twomemo") | |
| 405 li.encryption.start( | |
| 406 "account1@server1.test", name="twomemo", profile="account1_s2" | |
| 407 ) | |
| 408 li.blog.set( | |
| 409 _in=secret_blog, node="e2ee_blog", item=item, | |
| 410 encrypt_for="account1@server2.test" | |
| 411 ) | |
| 412 | |
| 413 # the item should be transparently decrypted | |
| 414 parsed_decrypted = li_elt.pubsub.get( | |
| 415 service="account1@server1.test", node=node, item=item, no_cache=True, | |
| 416 profile="account1_s2" | |
| 417 ) | |
| 418 entry_elt = parsed_decrypted.firstChildElement() | |
| 419 assert entry_elt.name == "entry" | |
| 420 assert entry_elt.uri == NS_ATOM | |
| 421 assert secret_blog in parsed_decrypted.toXml() | |
| 422 | |
| 423 # with --no-decrypt, we should have the encrypted item | |
| 424 parsed_ori_item = li_elt.pubsub.get( | |
| 425 node=node, item=item, no_decrypt=True, no_cache=True | |
| 426 ) | |
| 427 encrypted_elt = parsed_ori_item.firstChildElement() | |
| 428 assert encrypted_elt.name == "encrypted" | |
| 429 assert encrypted_elt.uri == NS_PTE | |
| 430 # the body must not be readable in plain text | |
| 431 assert secret_blog not in parsed_ori_item.toXml() |