import pytest

from pyramid.testing import DummyRequest

from . import app_config, dbsession, get_example_user  # noqa: F401


def test_crypt_context_to_settings():
    '''
    Check the conversion of prefixed pyramid .ini settings to passlib config.

    Pinned by the assertion: keys without the prefix are dropped, the prefix
    is stripped, a '[passlib]' section header is emitted, and only the
    'schemes' value is turned from a space separated into a comma separated
    list.
    '''
    from ordr.security import crypt_context_settings_to_string

    # NOTE(review): 'depreceated' is the spelling used by this fixture, while
    # passlib's own option is 'deprecated'. As written, the test shows that an
    # arbitrary key is passed through untouched; it does not exercise the real
    # option name -- confirm whether that is intended.
    ini_settings = {
        'no_prefix': 'should not appear',
        'prefix.something': 'left unchanged',
        'prefix.schemes': 'adjust list',
        'prefix.depreceated': 'do, not, adjust, this, list',
    }

    rendered = crypt_context_settings_to_string(ini_settings, 'prefix.')

    # Compared as a set, so the order of the emitted lines is not checked.
    assert set(rendered.split('\n')) == {
        '[passlib]',
        'something = left unchanged',
        'schemes = adjust,list',
        'depreceated = do, not, adjust, this, list',
    }


def test_authentication_policy_authenticated_user_id_no_user():
    ''' 'authenticated_userid()' must be None when request.user is None '''
    from ordr.security import AuthenticationPolicy

    # NOTE(review): the meaning of the '' constructor argument is not visible
    # in this file (presumably the signing secret) -- confirm.
    policy = AuthenticationPolicy('')
    anonymous_request = DummyRequest(user=None)

    assert policy.authenticated_userid(anonymous_request) is None


def test_authentication_policy_authenticated_user_id_with_user():
    ''' 'authenticated_userid()' must be the id of the user on the request '''
    from ordr.security import AuthenticationPolicy
    from ordr.models import User

    policy = AuthenticationPolicy('')
    logged_in_request = DummyRequest(user=User(id=123))

    assert policy.authenticated_userid(logged_in_request) == 123


def test_authentication_policy_effective_principals_no_user():
    '''
    'effective_principals()' without a user yields only 'Everyone'.

    The comparison is an exact list match, so an anonymous request that
    picked up any further principal would fail here.
    '''
    from ordr.security import AuthenticationPolicy
    from pyramid.security import Everyone

    anonymous_request = DummyRequest(user=None)
    policy = AuthenticationPolicy('')

    principals = policy.effective_principals(anonymous_request)

    assert principals == [Everyone]


def test_authentication_policy_effective_principals_with_user():
    '''
    'effective_principals()' for a logged in purchaser.

    The expected list is matched exactly (content and order): the purchaser
    carries 'role:user' in addition to 'role:purchaser', and nothing beyond
    the five principals listed.
    '''
    from ordr.security import AuthenticationPolicy
    from ordr.models import User, Role
    from pyramid.security import Authenticated, Everyone

    policy = AuthenticationPolicy('')
    purchaser = User(id=123, role=Role.PURCHASER)
    logged_in_request = DummyRequest(user=purchaser)

    principals = policy.effective_principals(logged_in_request)

    assert principals == [
        Everyone,
        Authenticated,
        'user:123',
        'role:purchaser',
        'role:user',
    ]


@pytest.mark.parametrize(  # noqa: F811
    'uauid,role_name', [
        (3, 'USER'),
        (4, 'PURCHASER'),
        (5, 'ADMIN'),
    ]
)
def test_get_user_returns_user(dbsession, uauid, role_name):
    '''
    'get_user()' returns the stored user for the roles USER, PURCHASER, ADMIN.

    Each case pairs an unauthenticated user id with the role of the example
    user that is written to the database before the lookup.
    '''
    from ordr.security import get_user
    from ordr.models import Role
    # this is a dirty hack, but DummyRequest does not accept setting an
    # unauthenticated_userid
    from pyramid.testing import DummyResource

    fake_request = DummyResource(
        unauthenticated_userid=uauid,
        dbsession=dbsession,
    )

    # presumably get_example_user() assigns a fixed id per role that matches
    # the parametrized 'uauid' -- confirm in the package fixtures
    stored_user = get_example_user(Role[role_name])
    dbsession.add(stored_user)
    dbsession.flush()

    assert get_user(fake_request) == stored_user


@pytest.mark.parametrize(  # noqa: F811
    'uauid,role_name', [
        # roles for which no user may be returned
        (1, 'UNVALIDATED'),
        (2, 'NEW'),
        (6, 'INACTIVE'),
        # presumably an id that does not belong to the stored USER (the test
        # above pairs USER with 3) -- confirm in the package fixtures
        (2, 'USER'),
        # no unauthenticated user id on the request at all
        (None, 'USER'),
    ]
)
def test_get_user_returns_none(dbsession, uauid, role_name):
    '''
    'get_user()' returns None whenever the request must stay anonymous.

    Covered cases: users with the roles UNVALIDATED, NEW and INACTIVE, a user
    id paired with a USER example it apparently does not belong to, and a
    request without an unauthenticated user id.
    '''
    from ordr.security import get_user
    from ordr.models import Role
    # this is a dirty hack, but DummyRequest does not accept setting an
    # unauthenticated_userid
    from pyramid.testing import DummyResource

    fake_request = DummyResource(
        unauthenticated_userid=uauid,
        dbsession=dbsession,
    )

    stored_user = get_example_user(Role[role_name])
    dbsession.add(stored_user)
    dbsession.flush()

    assert get_user(fake_request) is None