Regression test for unintentional reencryption upon falsy conditions.

2022-11-11 16:40:01 +00:00 · 2022-11-11 16:40:01 +00:00 · 961faf04f7
parent f893aae94e
commit 961faf04f7
3 changed files with 79 additions and 29 deletions
--- a/nucypher/network/server.py
+++ b/nucypher/network/server.py
@ -224,7 +224,7 @@ def _make_rest_app(this_node, log: Logger) -> Flask:
                if error:
                    # TODO: This response short-circuits the entire request on falsy condition
                    #  even if other unrelated capsules (message kits) are present.
-                    return Response(message=error.message, status=error.status_code)
+                    return Response(error.message, status=error.status_code)
            capsules_to_process.append(capsule)

        # FIXME: DISABLED FOR PRE-adapted-TDEC
--- a/tests/integration/characters/test_bob_handles_frags.py
+++ b/tests/integration/characters/test_bob_handles_frags.py
@ -71,34 +71,6 @@ def test_single_retrieve(enacted_federated_policy, federated_bob, federated_ursu
    assert cleartexts == messages


-# TODO: MOVE ME
-def test_single_retrieve_with_conditions(enacted_federated_policy, federated_bob, federated_ursulas):
-    from nucypher_core import MessageKit
-
-    federated_bob.start_learning_loop()
-    conditions = [
-        {'returnValueTest': {'value': '0', 'comparator': '>'}, 'method': 'timelock'},
-        {'operator': 'and'},
-        {'returnValueTest': {'value': '99999999999999999', 'comparator': '<'}, 'method': 'timelock'},
-    ]
-    json_conditions = json.dumps(conditions)
-    rust_conditions = Conditions(json_conditions)
-    message_kits = [
-        MessageKit(
-            enacted_federated_policy.public_key,
-            b'lab',
-            rust_conditions
-        )
-    ]
-
-    cleartexts = federated_bob.retrieve_and_decrypt(
-        message_kits=message_kits,
-        **_policy_info_kwargs(enacted_federated_policy),
-        )
-
-    assert b'lab' in cleartexts
-
-
 def test_use_external_cache(enacted_federated_policy, federated_bob, federated_ursulas):

    federated_bob.start_learning_loop()
--- a/tests/integration/characters/test_conditional_reencryption.py
+++ b/tests/integration/characters/test_conditional_reencryption.py
@ -0,0 +1,78 @@
+import json
+
+import pytest
+from nucypher_core import Conditions
+
+from nucypher.characters.lawful import Ursula
+from nucypher.policy.conditions.lingo import ConditionLingo
+from tests.utils.middleware import MockRestMiddleware
+
+
+def _policy_info_kwargs(enacted_policy):
+    return dict(
+        encrypted_treasure_map=enacted_policy.treasure_map,
+        alice_verifying_key=enacted_policy.publisher_verifying_key,
+    )
+
+
+def test_single_retrieve_with_truthy_conditions(enacted_federated_policy, federated_bob, federated_ursulas, mocker):
+    from nucypher_core import MessageKit
+
+    reencrypt_spy = mocker.spy(Ursula, '_reencrypt')
+
+    federated_bob.start_learning_loop()
+    conditions = [
+        {'returnValueTest': {'value': '0', 'comparator': '>'}, 'method': 'timelock'},
+        {'operator': 'and'},
+        {'returnValueTest': {'value': '99999999999999999', 'comparator': '<'}, 'method': 'timelock'},
+    ]
+    json_conditions = json.dumps(conditions)
+    rust_conditions = Conditions(json_conditions)
+    message_kits = [
+        MessageKit(
+            enacted_federated_policy.public_key,
+            b'lab',
+            rust_conditions
+        )
+    ]
+
+    cleartexts = federated_bob.retrieve_and_decrypt(
+        message_kits=message_kits,
+        **_policy_info_kwargs(enacted_federated_policy),
+    )
+
+    assert b'lab' in cleartexts
+    assert reencrypt_spy.call_count == 3
+
+
+def test_single_retrieve_with_falsy_conditions(enacted_federated_policy, federated_bob, federated_ursulas, mocker):
+    from nucypher_core import MessageKit
+
+    reencrypt_spy = mocker.spy(Ursula, '_reencrypt')
+    mocker.patch.object(ConditionLingo, 'eval', return_value=False)
+    reencrypt_http_spy = mocker.spy(MockRestMiddleware, 'reencrypt')
+
+    # not actually used for eval, but satisfies serializers
+    conditions = Conditions(json.dumps(
+        [{'returnValueTest': {'value': '0', 'comparator': '>'}, 'method': 'timelock'}]
+    ))
+
+    federated_bob.start_learning_loop()
+
+    message_kits = [
+        MessageKit(
+            enacted_federated_policy.public_key,
+            b'radio',
+            conditions
+        )
+    ]
+
+    with pytest.raises(Ursula.NotEnoughUrsulas):
+        federated_bob.retrieve_and_decrypt(
+            message_kits=message_kits,
+            **_policy_info_kwargs(enacted_federated_policy),
+        )
+
+    reencrypt_spy.assert_not_called()
+    assert isinstance(reencrypt_http_spy.spy_exception, MockRestMiddleware.Unauthorized)
+