ordr2/tests/security.py

''' Tests for ordr2.security '''

import pytest

from . import app_config, dbsession, create_users


# tests for ordr2.security.AuthenticationPolicy

def test_authenticated_userid_no_user():
    ''' test if authenticated user id is None if no active user present '''
    from pyramid.testing import DummyRequest
    from ordr2.security import AuthenticationPolicy

    request = DummyRequest(user=None)
    policy = AuthenticationPolicy(secret='')

    assert policy.authenticated_userid(request) is None


def test_authenticated_userid_with_user():
    ''' test if authenticated user id is the id of the user '''
    from pyramid.testing import DummyRequest
    from ordr2.models import User
    from ordr2.security import AuthenticationPolicy

    user = User(id=3)
    request = DummyRequest(user=user)
    policy = AuthenticationPolicy(secret='')

    assert policy.authenticated_userid(request) == 3


def test_effective_principals_no_user():
    ''' test the effective principals if no user is authenticated '''
    from pyramid.testing import DummyRequest
    from pyramid.security import Everyone
    from ordr2.security import AuthenticationPolicy

    request = DummyRequest(user=None)
    policy = AuthenticationPolicy(secret='')

    assert policy.effective_principals(request) == [Everyone]


@pytest.mark.parametrize(
    'role_name, role_principals', [
        ('UNVALIDATED', ['role:unvalidated']),
        ('NEW', ['role:new']),
        ('USER', ['role:user']),
        ('PURCHASER', ['role:purchaser', 'role:user']),
        ('ADMIN', ['role:admin', 'role:purchaser', 'role:user']),
        ('INACTIVE', ['role:inactive'])
        ]
    )
def test_effective_principals_with_user(role_name, role_principals):
    ''' test the effective principals if a user is authenticated '''
    from pyramid.testing import DummyRequest
    from pyramid.security import Authenticated, Everyone
    from ordr2.models import User, Role
    from ordr2.security import AuthenticationPolicy

    role = Role[role_name]
    user = User(id=3, role=role)
    request = DummyRequest(user=user)
    policy = AuthenticationPolicy(secret='')

    expected = [Everyone, Authenticated, 'user:3']
    expected.extend(role_principals)
    assert policy.effective_principals(request) == expected


# tests for the get_user function

def test_get_user_no_unauthenticated_user_id():
    ''' get_user() should return None if unauthenticated_userid is None '''
    from pyramid.testing import DummyRequest
    from ordr2.security import get_user

    request = DummyRequest(unauthenticated_userid=None)

    assert get_user(request) is None


@pytest.mark.parametrize('user_id', [3, 4, 5])
def test_get_user_known_authenticated_user_id(user_id, dbsession):
    ''' get_user() should return user instance on known active user '''
    from collections import namedtuple
    from ordr2.models import User, Role
    from ordr2.security import get_user

    create_users(dbsession)
    # pyramid.testing.DummyRequest can't be used, since the parameter
    # unauthenticated_userid cannot be set. A named tuple is used instead
    Request = namedtuple('Request', 'dbsession, unauthenticated_userid')
    request = Request(dbsession=dbsession, unauthenticated_userid=user_id)
    user = get_user(request)

    assert isinstance(user, User)


@pytest.mark.parametrize('user_id', [1, 2, 6, 1969])
def test_get_user_with_unknown_or_inactive_id(user_id, dbsession):
    ''' get_user() should return None on inactive users or unknown ids '''
    from collections import namedtuple
    from ordr2.models import User, Role
    from ordr2.security import get_user

    create_users(dbsession)
    # pyramid.testing.DummyRequest can't be used, since the parameter
    # unauthenticated_userid cannot be set. A named tuple is used instead
    Request = namedtuple('Request', 'dbsession, unauthenticated_userid')
    request = Request(dbsession=dbsession, unauthenticated_userid=user_id)
    user = get_user(request)

    assert user is None
added security module also started using fixtures on tests 7 years ago			`''' Tests for ordr2.security '''`

			`import pytest`

			`from . import app_config, dbsession, create_users`


			`# tests for ordr2.security.AuthenticationPolicy`

			`def test_authenticated_userid_no_user():`
			`''' test if authenticated user id is None if no active user present '''`
			`from pyramid.testing import DummyRequest`
			`from ordr2.security import AuthenticationPolicy`

			`request = DummyRequest(user=None)`
			`policy = AuthenticationPolicy(secret='')`

			`assert policy.authenticated_userid(request) is None`


			`def test_authenticated_userid_with_user():`
			`''' test if authenticated user id is the id of the user '''`
			`from pyramid.testing import DummyRequest`
			`from ordr2.models import User`
			`from ordr2.security import AuthenticationPolicy`

			`user = User(id=3)`
			`request = DummyRequest(user=user)`
			`policy = AuthenticationPolicy(secret='')`

			`assert policy.authenticated_userid(request) == 3`


			`def test_effective_principals_no_user():`
			`''' test the effective principals if no user is authenticated '''`
			`from pyramid.testing import DummyRequest`
			`from pyramid.security import Everyone`
			`from ordr2.security import AuthenticationPolicy`

			`request = DummyRequest(user=None)`
			`policy = AuthenticationPolicy(secret='')`

			`assert policy.effective_principals(request) == [Everyone]`


			`@pytest.mark.parametrize(`
			`'role_name, role_principals', [`
			`('UNVALIDATED', ['role:unvalidated']),`
			`('NEW', ['role:new']),`
			`('USER', ['role:user']),`
			`('PURCHASER', ['role:purchaser', 'role:user']),`
			`('ADMIN', ['role:admin', 'role:purchaser', 'role:user']),`
			`('INACTIVE', ['role:inactive'])`
			`]`
			`)`
			`def test_effective_principals_with_user(role_name, role_principals):`
			`''' test the effective principals if a user is authenticated '''`
			`from pyramid.testing import DummyRequest`
			`from pyramid.security import Authenticated, Everyone`
			`from ordr2.models import User, Role`
			`from ordr2.security import AuthenticationPolicy`

			`role = Role[role_name]`
			`user = User(id=3, role=role)`
			`request = DummyRequest(user=user)`
			`policy = AuthenticationPolicy(secret='')`

			`expected = [Everyone, Authenticated, 'user:3']`
			`expected.extend(role_principals)`
			`assert policy.effective_principals(request) == expected`


			`# tests for the get_user function`

			`def test_get_user_no_unauthenticated_user_id():`
			`''' get_user() should return None if unauthenticated_userid is None '''`
			`from pyramid.testing import DummyRequest`
			`from ordr2.security import get_user`

			`request = DummyRequest(unauthenticated_userid=None)`

			`assert get_user(request) is None`


tests marked xfail now moved to separate functions pytest.mark.xfail should be used to mark tests that need revisiting if further sections of the app are done e.g. functional test for user registration should be marked xfail until the admin section is done to check for entries 7 years ago			`@pytest.mark.parametrize('user_id', [3, 4, 5])`
			`def test_get_user_known_authenticated_user_id(user_id, dbsession):`
			`''' get_user() should return user instance on known active user '''`
added security module also started using fixtures on tests 7 years ago			`from collections import namedtuple`
			`from ordr2.models import User, Role`
			`from ordr2.security import get_user`

			`create_users(dbsession)`
			`# pyramid.testing.DummyRequest can't be used, since the parameter`
			`# unauthenticated_userid cannot be set. A named tuple is used instead`
			`Request = namedtuple('Request', 'dbsession, unauthenticated_userid')`
			`request = Request(dbsession=dbsession, unauthenticated_userid=user_id)`
			`user = get_user(request)`

			`assert isinstance(user, User)`
tests marked xfail now moved to separate functions pytest.mark.xfail should be used to mark tests that need revisiting if further sections of the app are done e.g. functional test for user registration should be marked xfail until the admin section is done to check for entries 7 years ago

			`@pytest.mark.parametrize('user_id', [1, 2, 6, 1969])`
			`def test_get_user_with_unknown_or_inactive_id(user_id, dbsession):`
			`''' get_user() should return None on inactive users or unknown ids '''`
			`from collections import namedtuple`
			`from ordr2.models import User, Role`
			`from ordr2.security import get_user`

			`create_users(dbsession)`
			`# pyramid.testing.DummyRequest can't be used, since the parameter`
			`# unauthenticated_userid cannot be set. A named tuple is used instead`
			`Request = namedtuple('Request', 'dbsession, unauthenticated_userid')`
			`request = Request(dbsession=dbsession, unauthenticated_userid=user_id)`
			`user = get_user(request)`

			`assert user is None`