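"""Tests for the helpers and authentication policy in ``ordr.security``."""

import pytest
from pyramid.testing import DummyRequest

from . import app_config, dbsession, get_example_user


def test_crypt_context_to_settings():
    """Prefixed settings are rendered as a ``[passlib]`` ini section.

    The expected output shows that keys without the prefix are dropped,
    the prefix is stripped, the whitespace separated ``schemes`` value is
    turned into a comma separated list, and all other values pass through
    unchanged.
    """
    from ordr.security import crypt_context_settings_to_string

    settings = {
        'no_prefix': 'should not appear',
        'prefix.something': 'left unchanged',
        'prefix.schemes': 'adjust list',
        'prefix.depreceated': 'do, not, adjust, this, list'
    }
    result = crypt_context_settings_to_string(settings, 'prefix.')
    expected_lines = {
        '[passlib]',
        'something = left unchanged',
        'schemes = adjust,list',
        'depreceated = do, not, adjust, this, list',
    }
    # compared as a set: the order of the rendered lines is not part of
    # the contract checked here
    assert set(result.split('\n')) == expected_lines


def test_authentication_policy_authenticated_user_id_no_user():
    """Without a user on the request there is no authenticated user id."""
    from ordr.security import AuthenticationPolicy

    # NOTE(review): the '' argument is presumably the policy's secret and
    # looks unused by the methods exercised in these tests; confirm
    ap = AuthenticationPolicy('')
    request = DummyRequest(user=None)
    assert ap.authenticated_userid(request) is None


def test_authentication_policy_authenticated_user_id_with_user():
    """The authenticated user id is the id of the user on the request."""
    from ordr.security import AuthenticationPolicy
    from ordr.models import User

    ap = AuthenticationPolicy('')
    request = DummyRequest(user=User(id=123))
    assert ap.authenticated_userid(request) == 123


def test_authentication_policy_effective_principals_no_user():
    """An anonymous request is granted the ``Everyone`` principal only.

    This is the check that no authenticated, user or role principal is
    handed out when ``request.user`` is ``None``.
    """
    from ordr.security import AuthenticationPolicy
    from pyramid.security import Everyone

    request = DummyRequest(user=None)
    ap = AuthenticationPolicy('')
    result = ap.effective_principals(request)
    assert result == [Everyone]


# This test used to share its name with the anonymous case above.  The
# second definition replaced the first in the module namespace, so pytest
# never collected the test for the anonymous principal set.
def test_authentication_policy_effective_principals_with_user():
    """A purchaser gets the user id and role principals.

    Besides ``Everyone`` and ``Authenticated`` the expected list contains
    ``user:<id>``, the purchaser role and the plain user role.
    """
    from ordr.security import AuthenticationPolicy
    from ordr.models import User, Role
    from pyramid.security import Authenticated, Everyone

    ap = AuthenticationPolicy('')
    user = User(id=123, role=Role.PURCHASER)
    request = DummyRequest(user=user)
    result = ap.effective_principals(request)
    expected = [
        Everyone,
        Authenticated,
        'user:123',
        'role:purchaser',
        'role:user'
    ]
    assert result == expected


@pytest.mark.parametrize(
    'uauid,role_name', [
        (3, 'USER'),
        (4, 'PURCHASER'),
        (5, 'ADMIN'),
    ]
)
def test_get_user_returns_user(dbsession, uauid, role_name):
    """``get_user`` returns the stored user for the roles listed above.

    The ids are presumably the ones ``get_example_user`` assigns to each
    role; verify against that helper.
    """
    from ordr.security import get_user
    from ordr.models import Role
    # this is a dirty hack, but DummyRequest does not accept setting an
    # unauthenticated_userid
    from pyramid.testing import DummyResource

    request = DummyResource(unauthenticated_userid=uauid, dbsession=dbsession)
    user_role = Role[role_name]
    user = get_example_user(user_role)
    dbsession.add(user)
    dbsession.flush()
    assert get_user(request) == user


@pytest.mark.parametrize(
    'uauid,role_name', [
        (1, 'UNVALIDATED'),
        (2, 'NEW'),
        (6, 'INACTIVE'),
        (2, 'USER'),
        (None, 'USER'),
    ]
)
def test_get_user_returns_none(dbsession, uauid, role_name):
    """``get_user`` yields ``None`` instead of a user that may not log in.

    Covered are the roles UNVALIDATED, NEW and INACTIVE, a request
    without an unauthenticated user id, and an id of 2 for a USER account
    (presumably an id that does not match the stored example user; verify
    against ``get_example_user``).
    """
    from ordr.security import get_user
    from ordr.models import Role
    # this is a dirty hack, but DummyRequest does not accept setting an
    # unauthenticated_userid
    from pyramid.testing import DummyResource

    request = DummyResource(unauthenticated_userid=uauid, dbsession=dbsession)
    user_role = Role[role_name]
    user = get_example_user(user_role)
    dbsession.add(user)
    dbsession.flush()
    assert get_user(request) is None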