|
|
|
''' Test package for ordr2.models.users '''
|
|
|
|
|
|
|
|
import pytest
|
|
|
|
|
|
|
|
|
|
|
|
# tests for users.Role
|
|
|
|
|
|
|
|
def test_role_principals():
|
|
|
|
''' test Role.principal, a caluclated property '''
|
|
|
|
from ordr2.models.users import Role
|
|
|
|
|
|
|
|
assert Role.UNVALIDATED.principal == 'role:unvalidated'
|
|
|
|
assert Role.NEW.principal == 'role:new'
|
|
|
|
assert Role.USER.principal == 'role:user'
|
|
|
|
assert Role.PURCHASER.principal == 'role:purchaser'
|
|
|
|
assert Role.ADMIN.principal == 'role:admin'
|
|
|
|
assert Role.INACTIVE.principal == 'role:inactive'
|
|
|
|
|
|
|
|
|
|
|
|
def test_role_str():
|
|
|
|
''' test the string representation of roles '''
|
|
|
|
from ordr2.models.users import Role
|
|
|
|
|
|
|
|
assert str(Role.UNVALIDATED) == 'Unvalidated'
|
|
|
|
assert str(Role.NEW) == 'New'
|
|
|
|
assert str(Role.USER) == 'User'
|
|
|
|
assert str(Role.PURCHASER) == 'Purchaser'
|
|
|
|
assert str(Role.ADMIN) == 'Admin'
|
|
|
|
assert str(Role.INACTIVE) == 'Inactive'
|
|
|
|
|
|
|
|
|
|
|
|
# tests for users.User
|
|
|
|
|
|
|
|
def test_user_principal():
|
|
|
|
''' test the user principal calculated property '''
|
|
|
|
from ordr2.models.users import User
|
|
|
|
|
|
|
|
user = User(id=3)
|
|
|
|
|
|
|
|
assert user.principal == 'user:3'
|
|
|
|
|
|
|
|
|
|
|
|
@pytest.mark.parametrize(
|
|
|
|
'role_name, principals', [
|
|
|
|
('UNVALIDATED', ['role:unvalidated']),
|
|
|
|
('NEW', ['role:new']),
|
|
|
|
('USER', ['role:user']),
|
|
|
|
('PURCHASER', ['role:purchaser', 'role:user']),
|
|
|
|
('ADMIN', ['role:admin', 'role:purchaser', 'role:user']),
|
|
|
|
('INACTIVE', ['role:inactive'])
|
|
|
|
]
|
|
|
|
)
|
|
|
|
def test_user_role_principals(role_name, principals):
|
|
|
|
''' test the user's role principals calculated property '''
|
|
|
|
from ordr2.models.users import User, Role
|
|
|
|
|
|
|
|
role = Role[role_name]
|
|
|
|
user = User(role=role)
|
|
|
|
|
|
|
|
assert user.role_principals == principals
|
|
|
|
|
|
|
|
|
|
|
|
@pytest.mark.parametrize(
|
|
|
|
'role_name, is_active', [
|
|
|
|
('UNVALIDATED', False),
|
|
|
|
('NEW', False),
|
|
|
|
('USER', True),
|
|
|
|
('PURCHASER', True),
|
|
|
|
('ADMIN', True),
|
|
|
|
('INACTIVE', False)
|
|
|
|
]
|
|
|
|
)
|
|
|
|
def test_user_is_active(role_name, is_active):
|
|
|
|
''' test if is_active returns correct value based on the user's role '''
|
|
|
|
from ordr2.models.users import User, Role
|
|
|
|
|
|
|
|
role = Role[role_name]
|
|
|
|
user = User(role=role)
|
|
|
|
|
|
|
|
assert user.is_active == is_active
|
|
|
|
|
|
|
|
|
|
|
|
def test_user_set_password():
|
|
|
|
''' test password hash generation '''
|
|
|
|
from ordr2.models.users import User, passlib_context
|
|
|
|
|
|
|
|
passlib_context.update(schemes=['argon2', 'bcrypt'])
|
|
|
|
user = User(password_hash=None)
|
|
|
|
password = 'Fish Slapping Dance'
|
|
|
|
user.set_password(password)
|
|
|
|
|
|
|
|
assert user.password_hash.startswith('$argon2')
|
|
|
|
assert password not in user.password_hash
|
|
|
|
|
|
|
|
|
|
|
|
@pytest.mark.parametrize(
|
|
|
|
'password', [
|
|
|
|
'Fish Slapping Dance',
|
|
|
|
pytest.mark.xfail('Argument Clinic')
|
|
|
|
]
|
|
|
|
)
|
|
|
|
def test_user_check_password_ok(password):
|
|
|
|
''' test password check '''
|
|
|
|
from ordr2.models.users import User, passlib_context
|
|
|
|
|
|
|
|
passlib_context.update(schemes=['argon2', 'bcrypt'], deprecated='auto')
|
|
|
|
user = User(password_hash=None)
|
|
|
|
user.set_password('Fish Slapping Dance')
|
|
|
|
|
|
|
|
assert user.check_password(password)
|
|
|
|
|
|
|
|
|
|
|
|
def test_user_check_password_deprecated_hash():
|
|
|
|
''' test password check updates deprecated hash with new algorithm '''
|
|
|
|
from ordr2.models.users import User
|
|
|
|
from ordr2.security import passlib_context
|
|
|
|
|
|
|
|
passlib_context.update(schemes=['argon2', 'bcrypt'], deprecated='auto')
|
|
|
|
password = 'Fish Slapping Dance'
|
|
|
|
bcrypt_hash = passlib_context.hash(password, scheme='bcrypt')
|
|
|
|
user = User(password_hash=bcrypt_hash)
|
|
|
|
|
|
|
|
assert user.check_password(password)
|
|
|
|
assert user.password_hash != bcrypt_hash
|
|
|
|
assert user.password_hash.startswith('$argon2')
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def test_user_string_representation():
|
|
|
|
''' test the string representation of the user '''
|
|
|
|
from ordr2.models.users import User, Role
|
|
|
|
|
|
|
|
user = User(username='FooBar')
|
|
|
|
|
|
|
|
assert str(user) == 'FooBar'
|