ordr2/tests/security.py

import pytest

from pyramid.testing import DummyRequest

from . import app_config, dbsession, get_example_user  # noqa: F401


def test_crypt_context_to_settings():
    ''' test the transformation of .ini styles from pyramid to passlib '''
    from ordr.security import crypt_context_settings_to_string

    settings = {
        'no_prefix': 'should not appear',
        'prefix.something': 'left unchanged',
        'prefix.schemes': 'adjust list',
        'prefix.depreceated': 'do, not, adjust, this, list'
        }
    result = crypt_context_settings_to_string(settings, 'prefix.')
    expected_lines = {
        '[passlib]',
        'something = left unchanged',
        'schemes = adjust,list',
        'depreceated = do, not, adjust, this, list',
        }

    assert set(result.split('\n')) == expected_lines


def test_authentication_policy_authenticated_user_id_no_user():
    ''' test 'authenticated_userid()' returns None if no user is logged in '''
    from ordr.security import AuthenticationPolicy
    
    ap = AuthenticationPolicy('')
    request = DummyRequest(user=None)
    
    assert ap.authenticated_userid(request) is None
    

def test_authentication_policy_authenticated_user_id_with_user():
    ''' test 'authenticated_userid()' returns id if user is logged in '''
    from ordr.security import AuthenticationPolicy
    from ordr.models import User
    
    ap = AuthenticationPolicy('')
    request = DummyRequest(user=User(id=123))
    
    assert ap.authenticated_userid(request) == 123


def test_authentication_policy_effective_principals_no_user():
    ''' test 'effective_principals()' if not user is logged in '''
    from ordr.security import AuthenticationPolicy
    from pyramid.security import Everyone
    
    request = DummyRequest(user=None)
    ap = AuthenticationPolicy('')
    result = ap.effective_principals(request)
    
    assert result == [Everyone]
    
    
def test_authentication_policy_effective_principals_with_user():
    ''' test 'effective_principals()' if user is logged in '''
    from ordr.security import AuthenticationPolicy
    from ordr.models import User, Role
    from pyramid.security import Authenticated, Everyone
   
    ap = AuthenticationPolicy('')
    user = User(id=123, role=Role.PURCHASER)
    request = DummyRequest(user=user)
    result = ap.effective_principals(request)
    expected = [
        Everyone,
        Authenticated,
        'user:123',
        'role:purchaser',
        'role:user'
        ]
    
    assert result == expected


@pytest.mark.parametrize(  # noqa: F811
    'uauid,role_name', [
        (3, 'USER'),
        (4, 'PURCHASER'),
        (5, 'ADMIN'),
        ]
    )
def test_get_user_returns_user(dbsession, uauid, role_name):
    ''' test 'get_user()' returns active user '''
    from ordr.security import get_user
    from ordr.models import Role
    
    # this is a dirty hack, but DummyRequest does not accept setting an
    # unauthenticated_userid
    from pyramid.testing import DummyResource
    request = DummyResource(unauthenticated_userid=uauid, dbsession=dbsession)
    
    user_role = Role[role_name]
    user = get_example_user(user_role)
    dbsession.add(user)
    dbsession.flush()
    
    assert get_user(request) == user


@pytest.mark.parametrize(  # noqa: F811
    'uauid,role_name', [
        (1, 'UNVALIDATED'),
        (2, 'NEW'),
        (6, 'INACTIVE'),
        (2, 'USER'),
        (None, 'USER'),
        ]
    )
def test_get_user_returns_none(dbsession, uauid, role_name):
    ''' test 'get_user()' returns None for an inactive user '''
    from ordr.security import get_user
    from ordr.models import Role
    
    # this is a dirty hack, but DummyRequest does not accept setting an
    # unauthenticated_userid
    from pyramid.testing import DummyResource
    request = DummyResource(unauthenticated_userid=uauid, dbsession=dbsession)
    
    user_role = Role[role_name]
    user = get_example_user(user_role)
    dbsession.add(user)
    dbsession.flush()
    
    assert get_user(request) is None
added authorization and authentification 7 years ago			`import pytest`

			`from pyramid.testing import DummyRequest`

cleanup after linting 7 years ago			`from . import app_config, dbsession, get_example_user # noqa: F401`
added authorization and authentification 7 years ago
added tests for root resource and security module 7 years ago
			`def test_crypt_context_to_settings():`
linting and documentation 7 years ago			`''' test the transformation of .ini styles from pyramid to passlib '''`
added tests for root resource and security module 7 years ago			`from ordr.security import crypt_context_settings_to_string`
finished registration workflow 7 years ago
added tests for root resource and security module 7 years ago			`settings = {`
			`'no_prefix': 'should not appear',`
			`'prefix.something': 'left unchanged',`
			`'prefix.schemes': 'adjust list',`
			`'prefix.depreceated': 'do, not, adjust, this, list'`
			`}`
			`result = crypt_context_settings_to_string(settings, 'prefix.')`
			`expected_lines = {`
			`'[passlib]',`
			`'something = left unchanged',`
			`'schemes = adjust,list',`
			`'depreceated = do, not, adjust, this, list',`
			`}`
finished registration workflow 7 years ago
added tests for root resource and security module 7 years ago			`assert set(result.split('\n')) == expected_lines`
added authorization and authentification 7 years ago

			`def test_authentication_policy_authenticated_user_id_no_user():`
linting and documentation 7 years ago			`''' test 'authenticated_userid()' returns None if no user is logged in '''`
added authorization and authentification 7 years ago			`from ordr.security import AuthenticationPolicy`
finished registration workflow 7 years ago
added authorization and authentification 7 years ago			`ap = AuthenticationPolicy('')`
			`request = DummyRequest(user=None)`
finished registration workflow 7 years ago
added authorization and authentification 7 years ago			`assert ap.authenticated_userid(request) is None`


			`def test_authentication_policy_authenticated_user_id_with_user():`
linting and documentation 7 years ago			`''' test 'authenticated_userid()' returns id if user is logged in '''`
added authorization and authentification 7 years ago			`from ordr.security import AuthenticationPolicy`
			`from ordr.models import User`
finished registration workflow 7 years ago
added authorization and authentification 7 years ago			`ap = AuthenticationPolicy('')`
			`request = DummyRequest(user=User(id=123))`
finished registration workflow 7 years ago
added authorization and authentification 7 years ago			`assert ap.authenticated_userid(request) == 123`


			`def test_authentication_policy_effective_principals_no_user():`
linting and documentation 7 years ago			`''' test 'effective_principals()' if not user is logged in '''`
added authorization and authentification 7 years ago			`from ordr.security import AuthenticationPolicy`
cleanup after linting 7 years ago			`from pyramid.security import Everyone`
finished registration workflow 7 years ago
added authorization and authentification 7 years ago			`request = DummyRequest(user=None)`
			`ap = AuthenticationPolicy('')`
			`result = ap.effective_principals(request)`
finished registration workflow 7 years ago
added authorization and authentification 7 years ago			`assert result == [Everyone]`


cleanup after linting 7 years ago			`def test_authentication_policy_effective_principals_with_user():`
linting and documentation 7 years ago			`''' test 'effective_principals()' if user is logged in '''`
added authorization and authentification 7 years ago			`from ordr.security import AuthenticationPolicy`
			`from ordr.models import User, Role`
cleanup after linting 7 years ago			`from pyramid.security import Authenticated, Everyone`
finished registration workflow 7 years ago
added authorization and authentification 7 years ago			`ap = AuthenticationPolicy('')`
			`user = User(id=123, role=Role.PURCHASER)`
			`request = DummyRequest(user=user)`
			`result = ap.effective_principals(request)`
			`expected = [`
cleanup after linting 7 years ago			`Everyone,`
			`Authenticated,`
			`'user:123',`
			`'role:purchaser',`
added authorization and authentification 7 years ago			`'role:user'`
			`]`
finished registration workflow 7 years ago
added authorization and authentification 7 years ago			`assert result == expected`


cleanup after linting 7 years ago			`@pytest.mark.parametrize( # noqa: F811`
			`'uauid,role_name', [`
added authorization and authentification 7 years ago			`(3, 'USER'),`
			`(4, 'PURCHASER'),`
			`(5, 'ADMIN'),`
			`]`
			`)`
			`def test_get_user_returns_user(dbsession, uauid, role_name):`
linting and documentation 7 years ago			`''' test 'get_user()' returns active user '''`
added authorization and authentification 7 years ago			`from ordr.security import get_user`
cleanup after linting 7 years ago			`from ordr.models import Role`
finished registration workflow 7 years ago
added authorization and authentification 7 years ago			`# this is a dirty hack, but DummyRequest does not accept setting an`
			`# unauthenticated_userid`
			`from pyramid.testing import DummyResource`
			`request = DummyResource(unauthenticated_userid=uauid, dbsession=dbsession)`
finished registration workflow 7 years ago
added authorization and authentification 7 years ago			`user_role = Role[role_name]`
			`user = get_example_user(user_role)`
			`dbsession.add(user)`
			`dbsession.flush()`
finished registration workflow 7 years ago
added authorization and authentification 7 years ago			`assert get_user(request) == user`


cleanup after linting 7 years ago			`@pytest.mark.parametrize( # noqa: F811`
			`'uauid,role_name', [`
added authorization and authentification 7 years ago			`(1, 'UNVALIDATED'),`
			`(2, 'NEW'),`
			`(6, 'INACTIVE'),`
			`(2, 'USER'),`
			`(None, 'USER'),`
			`]`
			`)`
			`def test_get_user_returns_none(dbsession, uauid, role_name):`
linting and documentation 7 years ago			`''' test 'get_user()' returns None for an inactive user '''`
added authorization and authentification 7 years ago			`from ordr.security import get_user`
cleanup after linting 7 years ago			`from ordr.models import Role`
finished registration workflow 7 years ago
added authorization and authentification 7 years ago			`# this is a dirty hack, but DummyRequest does not accept setting an`
			`# unauthenticated_userid`
			`from pyramid.testing import DummyResource`
			`request = DummyResource(unauthenticated_userid=uauid, dbsession=dbsession)`
finished registration workflow 7 years ago
added authorization and authentification 7 years ago			`user_role = Role[role_name]`
			`user = get_example_user(user_role)`
			`dbsession.add(user)`
			`dbsession.flush()`
finished registration workflow 7 years ago
added authorization and authentification 7 years ago			`assert get_user(request) is None`