You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
160 lines
4.9 KiB
160 lines
4.9 KiB
import pytest |
|
|
|
from datetime import datetime, timedelta |
|
from pyramid.testing import DummyRequest |
|
|
|
from .. import app_config # noqa: F401 |
|
|
|
|
|
@pytest.mark.parametrize( |
|
'key,result', [('NEW', 'role:new'), ('USER', 'role:user')] |
|
) |
|
def test_role_principal(key, result): |
|
from ordr.models.account import Role |
|
subject = Role[key] |
|
assert subject.principal == result |
|
|
|
|
|
@pytest.mark.parametrize( |
|
'key,result', [('NEW', 'New'), ('USER', 'User')] |
|
) |
|
def test_role__str__(key, result): |
|
from ordr.models.account import Role |
|
subject = Role[key] |
|
assert str(subject) == result |
|
|
|
|
|
@pytest.mark.parametrize('id_', [1, 2, 5, 123]) |
|
def test_user_principal(id_): |
|
from ordr.models.account import User |
|
user = User(id=id_) |
|
assert user.principal == f'user:{id_}' |
|
|
|
|
|
@pytest.mark.parametrize( |
|
'name, principals', [ |
|
('UNVALIDATED', ['role:unvalidated']), |
|
('NEW', ['role:new']), |
|
('USER', ['role:user']), |
|
('PURCHASER', ['role:purchaser', 'role:user']), |
|
('ADMIN', ['role:admin', 'role:purchaser', 'role:user']), |
|
('INACTIVE', ['role:inactive']), |
|
] |
|
) |
|
def test_user_principals(name, principals): |
|
from ordr.models.account import User, Role |
|
user = User(id=1, role=Role[name]) |
|
expected = ['user:1'] |
|
expected.extend(principals) |
|
assert expected == user.principals |
|
|
|
|
|
@pytest.mark.parametrize( |
|
'name, expected', [ |
|
('UNVALIDATED', False), |
|
('NEW', False), |
|
('USER', True), |
|
('PURCHASER', True), |
|
('ADMIN', True), |
|
('INACTIVE', False), |
|
] |
|
) |
|
def test_user_is_active(name, expected): |
|
from ordr.models.account import User, Role |
|
user = User(id=1, role=Role[name]) |
|
assert expected == user.is_active |
|
|
|
|
|
def test_user_set_password(): |
|
from ordr.models.account import User |
|
from ordr.security import password_context |
|
password_context.update(schemes=['argon2']) |
|
user = User() |
|
assert user.password_hash is None |
|
user.set_password('password') |
|
assert user.password_hash.startswith('$argon2') |
|
|
|
|
|
@pytest.mark.parametrize( |
|
'password,expected', [ |
|
('', False), |
|
('wrong', False), |
|
('password', True), |
|
] |
|
) |
|
def test_user_check_password(password, expected): |
|
from ordr.models.account import User |
|
from ordr.security import password_context |
|
password_context.update(schemes=['argon2']) |
|
hash = ('$argon2i$v=19$m=512,t=2,p=2$' |
|
'YcyZMyak9D7nvFfKmVOq1Q$fnzNh58HWfvxHvRDGjhTqA' |
|
) |
|
user = User(password_hash=hash) |
|
assert user.check_password(password) == expected |
|
|
|
|
|
def test_user_check_password_updates_old_sheme(): |
|
from ordr.models.account import User |
|
from ordr.security import password_context |
|
password_context.update( |
|
schemes=['argon2', 'bcrypt'], |
|
default='argon2', |
|
deprecated='auto' |
|
) |
|
old_hash = '$2b$12$6ljSfpLaXBeEVOeaP1scUe6IAa0cztM.UBbjc1PdrI4j0vwgoYgpi' |
|
user = User(password_hash=old_hash) |
|
assert user.check_password('password') |
|
assert user.password_hash.startswith('$argon2') |
|
assert user.check_password('password') |
|
|
|
|
|
def test_user__str__(): |
|
from ordr.models.account import User |
|
user = User(username='Eric Idle') |
|
assert str(user) == 'Eric Idle' |
|
|
|
|
|
def test_user_issue_token(app_config): # noqa: F811 |
|
from ordr.models.account import User, Token, TokenSubject |
|
request = DummyRequest() |
|
user = User() |
|
token = user.issue_token(request, TokenSubject.REGISTRATION, {'foo': 1}) |
|
assert isinstance(token, Token) |
|
assert token.hash is not None |
|
assert token.subject == TokenSubject.REGISTRATION |
|
assert token.payload == {'foo': 1} |
|
assert token.owner == user |
|
|
|
|
|
def test_token_issue_token(app_config): # noqa: F811 |
|
from ordr.models.account import User, Token, TokenSubject |
|
request = DummyRequest() |
|
user = User() |
|
token = Token.issue(request, user, TokenSubject.REGISTRATION, {'foo': 1}) |
|
expected_expires = datetime.utcnow() + timedelta(minutes=5) |
|
assert isinstance(token, Token) |
|
assert token.hash is not None |
|
assert token.subject == TokenSubject.REGISTRATION |
|
assert token.payload == {'foo': 1} |
|
assert token.owner == user |
|
assert token.expires.timestamp() == pytest.approx( |
|
expected_expires.timestamp(), |
|
abs=1 |
|
) |
|
|
|
|
|
@pytest.mark.parametrize( # noqa: F811 |
|
'subject,delta', [('REGISTRATION', 5), ('RESET_PASSWORD', 10)] |
|
) |
|
def test_token_issue_token_time_from_settings(app_config, subject, delta): |
|
from ordr.models.account import User, Token, TokenSubject |
|
request = DummyRequest() |
|
request.registry.settings['token_expiry.reset_password'] = 10 |
|
user = User() |
|
token_subject = TokenSubject[subject] |
|
token = Token.issue(request, user, token_subject, None) |
|
expected_expires = datetime.utcnow() + timedelta(minutes=delta) |
|
assert token.expires.timestamp() == pytest.approx( |
|
expected_expires.timestamp(), |
|
abs=1 |
|
)
|
|
|