Mercurial > libervia-backend
diff tests/e2e/libervia-cli/test_libervia-cli.py @ 3974:5e3b983ab2c6
tests (e2e/cli): test for Pubsub Targeted Encryption:
rel 382
author | Goffi <goffi@goffi.org> |
---|---|
date | Mon, 31 Oct 2022 13:48:31 +0100 |
parents | 9b1d74a6b48c |
children | 524856bd7b19 |
line wrap: on
line diff
--- a/tests/e2e/libervia-cli/test_libervia-cli.py Mon Oct 31 13:48:01 2022 +0100 +++ b/tests/e2e/libervia-cli/test_libervia-cli.py Mon Oct 31 13:48:31 2022 +0100 @@ -26,6 +26,7 @@ import pytest from sat.plugins.plugin_sec_oxps import NS_OXPS +from sat.plugins.plugin_sec_pte import NS_PTE from sat.plugins.plugin_xep_0277 import NS_ATOM from sat.tools.common import uri @@ -394,3 +395,37 @@ assert source_file_hash == dest_file_hash li.encryption.stop("account1@server2.test") + + def test_pubsub_targeted_encryption_pte(self, li_elt): + """An item is encrypted for specific recipients""" + secret_blog = "this is a secret blog post" + node = "e2ee_blog" + item = "test_pte" + li.encryption.start("account1@server2.test", name="twomemo") + li.encryption.start( + "account1@server1.test", name="twomemo", profile="account1_s2" + ) + li.blog.set( + _in=secret_blog, node="e2ee_blog", item=item, + encrypt_for="account1@server2.test" + ) + + # the item should be transparently decrypted + parsed_decrypted = li_elt.pubsub.get( + service="account1@server1.test", node=node, item=item, no_cache=True, + profile="account1_s2" + ) + entry_elt = parsed_decrypted.firstChildElement() + assert entry_elt.name == "entry" + assert entry_elt.uri == NS_ATOM + assert secret_blog in parsed_decrypted.toXml() + + # with --no-decrypt, we should have the encrypted item + parsed_ori_item = li_elt.pubsub.get( + node=node, item=item, no_decrypt=True, no_cache=True + ) + encrypted_elt = parsed_ori_item.firstChildElement() + assert encrypted_elt.name == "encrypted" + assert encrypted_elt.uri == NS_PTE + # the body must not be readable in plain text + assert secret_blog not in parsed_ori_item.toXml()