ordr2/tests/resources/account.py

''' Tests for ordr2.resources.account '''

import pytest

from pyramid.testing import DummyRequest

from .. import app_config, dbsession, get_user

# helper function

def get_root_resource(role_name=None, **kwargs):
    ''' return a root resource '''
    from ordr2.resources import RootResource
    user = get_user(role_name) if role_name else None
    request = DummyRequest(user=user, **kwargs)
    return RootResource(request)


# tests for token resources

def test_registration_token_acl():
    ''' test the access controll list of the registration token resource '''
    from pyramid.security import Allow, Authenticated, Deny, Everyone, DENY_ALL
    from ordr2.resources.account import RegistrationToken

    root = get_root_resource()
    resource = RegistrationToken(None, root, None)

    assert resource.__acl__() == [
        (Deny, Authenticated, 'register'),
        (Allow, Everyone, 'register'),
        DENY_ALL
        ]

def test_email_verification_token_acl(app_config):
    ''' test the access controll list of the email token resource '''
    from pyramid.security import Allow, Authenticated, Deny, Everyone, DENY_ALL
    from ordr2.models.account import User, Token
    from ordr2.resources.account import EmailVerificationToken

    root = get_root_resource('user')
    token = Token(owner=root.request.user)
    resource = EmailVerificationToken(None, root, token)

    assert resource.__acl__() == [(Allow, 'user:3', 'settings'), DENY_ALL]

def test_password_reset_token_acl():
    ''' test the access controll list of the password token resource '''
    from pyramid.security import Allow, Everyone, DENY_ALL
    from ordr2.resources.account import ForgottenPasswordToken

    root = get_root_resource()
    resource = ForgottenPasswordToken(None, root, None)

    assert resource.__acl__() == [
        (Allow, Everyone, 'reset password'),
        DENY_ALL
        ]

def test_account_resource_init():
    ''' test __init__ function of base resource '''
    from ordr2.resources.account import AccountResource

    root = get_root_resource('user')
    resource = AccountResource('resource name', root)

    assert resource.__name__ == 'resource name'
    assert resource.__parent__ == root
    assert resource.request == root.request
    assert resource.model == root.request.user

def test_account_resource_acl():
    ''' test the access controll list of the account resource '''
    from pyramid.security import Allow, Authenticated, Deny, Everyone, DENY_ALL
    from ordr2.resources.account import AccountResource

    root = get_root_resource()
    resource = AccountResource('resource name', root)

    assert resource.__acl__() == [
            (Allow, Everyone, 'login'),
            (Allow, Everyone, 'logout'),
            (Deny, Authenticated, 'register'),
            (Allow, Everyone, 'register'),
            (Allow, Everyone, 'reset password'),
            (Allow, Authenticated, 'settings'),
            DENY_ALL
        ]

def test_account_resource_getitem_token_ok(app_config, dbsession):
    ''' test __getitem__ method returns correct token '''
    from ordr2.models.account import TokenSubject
    from ordr2.resources.account import (
        AccountResource,
        EmailVerificationToken
        )

    root = get_root_resource('user', dbsession=dbsession)
    user = root.request.user
    dbsession.add(user)
    hash = user.issue_token(root.request, TokenSubject.CHANGE_EMAIL)
    account = AccountResource(None, root)
    resource = account[hash]

    assert isinstance(resource, EmailVerificationToken)
    assert resource.__name__ == hash
    assert resource.__parent__ == account
    assert resource.model.hash == hash
    assert resource.model.owner == root.request.user


def test_account_resource_getitem_token_not_found(dbsession):
    ''' test __getitem__ raises KeyError on unknown token hash '''
    from ordr2.resources.account import AccountResource

    root = get_root_resource('user', dbsession=dbsession)
    account = AccountResource(None, root)

    with pytest.raises(KeyError):
        resource = account['unknown token hash']


def test_account_resource_getitem_token_expired(dbsession):
    ''' test __getitem__ raises KeyError on unknown token hash '''
    from datetime import datetime
    from ordr2.models.account import Token, TokenSubject
    from ordr2.resources.account import (
        AccountResource,
        EmailVerificationToken
        )

    root = get_root_resource('user', dbsession=dbsession)
    token = Token.issue(
        root.request,
        root.request.user,
        TokenSubject.CHANGE_EMAIL
        )
    token.expires = datetime(year=2000, month=1, day=1)
    dbsession.add(token)
    account = AccountResource(None, root)

    with pytest.raises(KeyError) as excinfo:
        resource = account[token.hash]
        assert f'Token {token.hash} has expired' in str(excinfo.value)
updated tests for resources 7 years ago			`''' Tests for ordr2.resources.account '''`

			`import pytest`

testing of token resources 7 years ago			`from pyramid.testing import DummyRequest`

			`from .. import app_config, dbsession, get_user`

			`# helper function`

			`def get_root_resource(role_name=None, **kwargs):`
			`''' return a root resource '''`
			`from ordr2.resources import RootResource`
			`user = get_user(role_name) if role_name else None`
			`request = DummyRequest(user=user, **kwargs)`
			`return RootResource(request)`


			`# tests for token resources`

			`def test_registration_token_acl():`
			`''' test the access controll list of the registration token resource '''`
			`from pyramid.security import Allow, Authenticated, Deny, Everyone, DENY_ALL`
			`from ordr2.resources.account import RegistrationToken`

			`root = get_root_resource()`
			`resource = RegistrationToken(None, root, None)`

			`assert resource.__acl__() == [`
			`(Deny, Authenticated, 'register'),`
			`(Allow, Everyone, 'register'),`
			`DENY_ALL`
			`]`

			`def test_email_verification_token_acl(app_config):`
			`''' test the access controll list of the email token resource '''`
			`from pyramid.security import Allow, Authenticated, Deny, Everyone, DENY_ALL`
			`from ordr2.models.account import User, Token`
			`from ordr2.resources.account import EmailVerificationToken`

			`root = get_root_resource('user')`
			`token = Token(owner=root.request.user)`
			`resource = EmailVerificationToken(None, root, token)`

			`assert resource.__acl__() == [(Allow, 'user:3', 'settings'), DENY_ALL]`

			`def test_password_reset_token_acl():`
			`''' test the access controll list of the password token resource '''`
			`from pyramid.security import Allow, Everyone, DENY_ALL`
			`from ordr2.resources.account import ForgottenPasswordToken`

			`root = get_root_resource()`
			`resource = ForgottenPasswordToken(None, root, None)`

			`assert resource.__acl__() == [`
			`(Allow, Everyone, 'reset password'),`
			`DENY_ALL`
			`]`
updated tests for resources 7 years ago
			`def test_account_resource_init():`
			`''' test __init__ function of base resource '''`
testing of token resources 7 years ago			`from ordr2.resources.account import AccountResource`
updated tests for resources 7 years ago
testing of token resources 7 years ago			`root = get_root_resource('user')`
updated tests for resources 7 years ago			`resource = AccountResource('resource name', root)`

			`assert resource.__name__ == 'resource name'`
			`assert resource.__parent__ == root`
testing of token resources 7 years ago			`assert resource.request == root.request`
			`assert resource.model == root.request.user`
updated tests for resources 7 years ago
			`def test_account_resource_acl():`
testing of token resources 7 years ago			`''' test the access controll list of the account resource '''`
updated tests for resources 7 years ago			`from pyramid.security import Allow, Authenticated, Deny, Everyone, DENY_ALL`
testing of token resources 7 years ago			`from ordr2.resources.account import AccountResource`
updated tests for resources 7 years ago
testing of token resources 7 years ago			`root = get_root_resource()`
updated tests for resources 7 years ago			`resource = AccountResource('resource name', root)`

			`assert resource.__acl__() == [`
			`(Allow, Everyone, 'login'),`
			`(Allow, Everyone, 'logout'),`
			`(Deny, Authenticated, 'register'),`
			`(Allow, Everyone, 'register'),`
testing of token resources 7 years ago			`(Allow, Everyone, 'reset password'),`
updated tests for resources 7 years ago			`(Allow, Authenticated, 'settings'),`
			`DENY_ALL`
			`]`

testing of token resources 7 years ago			`def test_account_resource_getitem_token_ok(app_config, dbsession):`
			`''' test __getitem__ method returns correct token '''`
			`from ordr2.models.account import TokenSubject`
			`from ordr2.resources.account import (`
			`AccountResource,`
			`EmailVerificationToken`
			`)`

			`root = get_root_resource('user', dbsession=dbsession)`
			`user = root.request.user`
			`dbsession.add(user)`
			`hash = user.issue_token(root.request, TokenSubject.CHANGE_EMAIL)`
			`account = AccountResource(None, root)`
			`resource = account[hash]`

			`assert isinstance(resource, EmailVerificationToken)`
			`assert resource.__name__ == hash`
			`assert resource.__parent__ == account`
			`assert resource.model.hash == hash`
			`assert resource.model.owner == root.request.user`


			`def test_account_resource_getitem_token_not_found(dbsession):`
			`''' test __getitem__ raises KeyError on unknown token hash '''`
			`from ordr2.resources.account import AccountResource`

			`root = get_root_resource('user', dbsession=dbsession)`
			`account = AccountResource(None, root)`

			`with pytest.raises(KeyError):`
			`resource = account['unknown token hash']`


			`def test_account_resource_getitem_token_expired(dbsession):`
			`''' test __getitem__ raises KeyError on unknown token hash '''`
			`from datetime import datetime`
			`from ordr2.models.account import Token, TokenSubject`
			`from ordr2.resources.account import (`
			`AccountResource,`
			`EmailVerificationToken`
			`)`

			`root = get_root_resource('user', dbsession=dbsession)`
			`token = Token.issue(`
			`root.request,`
			`root.request.user,`
			`TokenSubject.CHANGE_EMAIL`
			`)`
			`token.expires = datetime(year=2000, month=1, day=1)`
			`dbsession.add(token)`
			`account = AccountResource(None, root)`

			`with pytest.raises(KeyError) as excinfo:`
			`resource = account[token.hash]`
			`assert f'Token {token.hash} has expired' in str(excinfo.value)`