import pytest from datetime import datetime, timedelta from pyramid.testing import DummyRequest from .. import app_config # noqa: F401 @pytest.mark.parametrize( 'key,result', [('NEW', 'role:new'), ('USER', 'role:user')] ) def test_role_principal(key, result): from ordr.models.account import Role subject = Role[key] assert subject.principal == result @pytest.mark.parametrize( 'key,result', [('NEW', 'New'), ('USER', 'User')] ) def test_role__str__(key, result): from ordr.models.account import Role subject = Role[key] assert str(subject) == result @pytest.mark.parametrize('id_', [1, 2, 5, 123]) def test_user_principal(id_): from ordr.models.account import User user = User(id=id_) assert user.principal == f'user:{id_}' @pytest.mark.parametrize( 'name, principals', [ ('UNVALIDATED', ['role:unvalidated']), ('NEW', ['role:new']), ('USER', ['role:user']), ('PURCHASER', ['role:purchaser', 'role:user']), ('ADMIN', ['role:admin', 'role:purchaser', 'role:user']), ('INACTIVE', ['role:inactive']), ] ) def test_user_principals(name, principals): from ordr.models.account import User, Role user = User(id=1, role=Role[name]) expected = ['user:1'] expected.extend(principals) assert expected == user.principals @pytest.mark.parametrize( 'name, expected', [ ('UNVALIDATED', False), ('NEW', False), ('USER', True), ('PURCHASER', True), ('ADMIN', True), ('INACTIVE', False), ] ) def test_user_is_active(name, expected): from ordr.models.account import User, Role user = User(id=1, role=Role[name]) assert expected == user.is_active def test_user_set_password(): from ordr.models.account import User from ordr.security import password_context password_context.update(schemes=['argon2']) user = User() assert user.password_hash is None user.set_password('password') assert user.password_hash.startswith('$argon2') @pytest.mark.parametrize( 'password,expected', [ ('', False), ('wrong', False), ('password', True), ] ) def test_user_check_password(password, expected): from ordr.models.account import User from ordr.security import password_context password_context.update(schemes=['argon2']) hash = ('$argon2i$v=19$m=512,t=2,p=2$' 'YcyZMyak9D7nvFfKmVOq1Q$fnzNh58HWfvxHvRDGjhTqA' ) user = User(password_hash=hash) assert user.check_password(password) == expected def test_user_check_password_updates_old_sheme(): from ordr.models.account import User from ordr.security import password_context password_context.update( schemes=['argon2', 'bcrypt'], default='argon2', deprecated='auto' ) old_hash = '$2b$12$6ljSfpLaXBeEVOeaP1scUe6IAa0cztM.UBbjc1PdrI4j0vwgoYgpi' user = User(password_hash=old_hash) assert user.check_password('password') assert user.password_hash.startswith('$argon2') assert user.check_password('password') def test_user__str__(): from ordr.models.account import User user = User(username='Eric Idle') assert str(user) == 'Eric Idle' def test_user_issue_token(app_config): # noqa: F811 from ordr.models.account import User, Token, TokenSubject request = DummyRequest() user = User() token = user.issue_token(request, TokenSubject.REGISTRATION, {'foo': 1}) assert isinstance(token, Token) assert token.hash is not None assert token.subject == TokenSubject.REGISTRATION assert token.payload == {'foo': 1} assert token.owner == user def test_token_issue_token(app_config): # noqa: F811 from ordr.models.account import User, Token, TokenSubject request = DummyRequest() user = User() token = Token.issue(request, user, TokenSubject.REGISTRATION, {'foo': 1}) expected_expires = datetime.utcnow() + timedelta(minutes=5) assert isinstance(token, Token) assert token.hash is not None assert token.subject == TokenSubject.REGISTRATION assert token.payload == {'foo': 1} assert token.owner == user assert token.expires.timestamp() == pytest.approx( expected_expires.timestamp(), abs=1 ) @pytest.mark.parametrize( # noqa: F811 'subject,delta', [('REGISTRATION', 5), ('RESET_PASSWORD', 10)] ) def test_token_issue_token_time_from_settings(app_config, subject, delta): from ordr.models.account import User, Token, TokenSubject request = DummyRequest() request.registry.settings['token_expiry.reset_password'] = 10 user = User() token_subject = TokenSubject[subject] token = Token.issue(request, user, token_subject, None) expected_expires = datetime.utcnow() + timedelta(minutes=delta) assert token.expires.timestamp() == pytest.approx( expected_expires.timestamp(), abs=1 )