You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
161 lines
4.9 KiB
161 lines
4.9 KiB
7 years ago
|
import pytest
|
||
|
|
||
7 years ago
|
from datetime import datetime, timedelta
|
||
|
from pyramid.testing import DummyRequest
|
||
|
|
||
7 years ago
|
from .. import app_config # noqa: F401
|
||
7 years ago
|
|
||
7 years ago
|
|
||
|
@pytest.mark.parametrize(
|
||
|
'key,result', [('NEW', 'role:new'), ('USER', 'role:user')]
|
||
|
)
|
||
|
def test_role_principal(key, result):
|
||
|
from ordr.models.account import Role
|
||
|
subject = Role[key]
|
||
|
assert subject.principal == result
|
||
|
|
||
|
|
||
|
@pytest.mark.parametrize(
|
||
|
'key,result', [('NEW', 'New'), ('USER', 'User')]
|
||
|
)
|
||
|
def test_role__str__(key, result):
|
||
|
from ordr.models.account import Role
|
||
|
subject = Role[key]
|
||
|
assert str(subject) == result
|
||
7 years ago
|
|
||
|
|
||
|
@pytest.mark.parametrize('id_', [1, 2, 5, 123])
|
||
|
def test_user_principal(id_):
|
||
|
from ordr.models.account import User
|
||
|
user = User(id=id_)
|
||
|
assert user.principal == f'user:{id_}'
|
||
|
|
||
|
|
||
|
@pytest.mark.parametrize(
|
||
|
'name, principals', [
|
||
|
('UNVALIDATED', ['role:unvalidated']),
|
||
|
('NEW', ['role:new']),
|
||
|
('USER', ['role:user']),
|
||
|
('PURCHASER', ['role:purchaser', 'role:user']),
|
||
|
('ADMIN', ['role:admin', 'role:purchaser', 'role:user']),
|
||
|
('INACTIVE', ['role:inactive']),
|
||
|
]
|
||
|
)
|
||
7 years ago
|
def test_user_principals(name, principals):
|
||
7 years ago
|
from ordr.models.account import User, Role
|
||
|
user = User(id=1, role=Role[name])
|
||
|
expected = ['user:1']
|
||
|
expected.extend(principals)
|
||
7 years ago
|
assert expected == user.principals
|
||
7 years ago
|
|
||
7 years ago
|
|
||
7 years ago
|
@pytest.mark.parametrize(
|
||
|
'name, expected', [
|
||
|
('UNVALIDATED', False),
|
||
|
('NEW', False),
|
||
|
('USER', True),
|
||
|
('PURCHASER', True),
|
||
|
('ADMIN', True),
|
||
|
('INACTIVE', False),
|
||
|
]
|
||
|
)
|
||
|
def test_user_is_active(name, expected):
|
||
|
from ordr.models.account import User, Role
|
||
|
user = User(id=1, role=Role[name])
|
||
|
assert expected == user.is_active
|
||
|
|
||
|
|
||
|
def test_user_set_password():
|
||
|
from ordr.models.account import User
|
||
|
from ordr.security import password_context
|
||
|
password_context.update(schemes=['argon2'])
|
||
|
user = User()
|
||
|
assert user.password_hash is None
|
||
|
user.set_password('password')
|
||
|
assert user.password_hash.startswith('$argon2')
|
||
|
|
||
|
|
||
|
@pytest.mark.parametrize(
|
||
|
'password,expected', [
|
||
|
('', False),
|
||
|
('wrong', False),
|
||
|
('password', True),
|
||
|
]
|
||
|
)
|
||
|
def test_user_check_password(password, expected):
|
||
|
from ordr.models.account import User
|
||
|
from ordr.security import password_context
|
||
|
password_context.update(schemes=['argon2'])
|
||
|
hash = ('$argon2i$v=19$m=512,t=2,p=2$'
|
||
|
'YcyZMyak9D7nvFfKmVOq1Q$fnzNh58HWfvxHvRDGjhTqA'
|
||
|
)
|
||
|
user = User(password_hash=hash)
|
||
|
assert user.check_password(password) == expected
|
||
|
|
||
|
|
||
|
def test_user_check_password_updates_old_sheme():
|
||
|
from ordr.models.account import User
|
||
|
from ordr.security import password_context
|
||
|
password_context.update(
|
||
|
schemes=['argon2', 'bcrypt'],
|
||
|
default='argon2',
|
||
|
deprecated='auto'
|
||
|
)
|
||
|
old_hash = '$2b$12$6ljSfpLaXBeEVOeaP1scUe6IAa0cztM.UBbjc1PdrI4j0vwgoYgpi'
|
||
|
user = User(password_hash=old_hash)
|
||
|
assert user.check_password('password')
|
||
|
assert user.password_hash.startswith('$argon2')
|
||
|
assert user.check_password('password')
|
||
|
|
||
|
|
||
|
def test_user__str__():
|
||
|
from ordr.models.account import User
|
||
|
user = User(username='Eric Idle')
|
||
|
assert str(user) == 'Eric Idle'
|
||
|
|
||
|
|
||
|
def test_user_issue_token(app_config): # noqa: F811
|
||
|
from ordr.models.account import User, Token, TokenSubject
|
||
|
request = DummyRequest()
|
||
|
user = User()
|
||
|
token = user.issue_token(request, TokenSubject.REGISTRATION, {'foo': 1})
|
||
|
assert isinstance(token, Token)
|
||
|
assert token.hash is not None
|
||
|
assert token.subject == TokenSubject.REGISTRATION
|
||
|
assert token.payload == {'foo': 1}
|
||
|
assert token.owner == user
|
||
|
|
||
|
|
||
|
def test_token_issue_token(app_config): # noqa: F811
|
||
|
from ordr.models.account import User, Token, TokenSubject
|
||
|
request = DummyRequest()
|
||
|
user = User()
|
||
|
token = Token.issue(request, user, TokenSubject.REGISTRATION, {'foo': 1})
|
||
|
expected_expires = datetime.utcnow() + timedelta(minutes=5)
|
||
|
assert isinstance(token, Token)
|
||
|
assert token.hash is not None
|
||
|
assert token.subject == TokenSubject.REGISTRATION
|
||
|
assert token.payload == {'foo': 1}
|
||
|
assert token.owner == user
|
||
|
assert token.expires.timestamp() == pytest.approx(
|
||
|
expected_expires.timestamp(),
|
||
|
abs=1
|
||
|
)
|
||
|
|
||
|
|
||
|
@pytest.mark.parametrize( # noqa: F811
|
||
|
'subject,delta', [('REGISTRATION', 5), ('RESET_PASSWORD', 10)]
|
||
|
)
|
||
|
def test_token_issue_token_time_from_settings(app_config, subject, delta):
|
||
|
from ordr.models.account import User, Token, TokenSubject
|
||
|
request = DummyRequest()
|
||
|
request.registry.settings['token_expiry.reset_password'] = 10
|
||
|
user = User()
|
||
|
token_subject = TokenSubject[subject]
|
||
|
token = Token.issue(request, user, token_subject, None)
|
||
|
expected_expires = datetime.utcnow() + timedelta(minutes=delta)
|
||
|
assert token.expires.timestamp() == pytest.approx(
|
||
|
expected_expires.timestamp(),
|
||
|
abs=1
|
||
|
)
|