CPI
/
ordr2
Archived
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
CPI Ordering System (the old version)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
This repo is archived. You can view files and clone it, but cannot push or open issues/pull-requests.
35 Commits
3 Branches
0 Tags
2.2 MiB
 
 
 
 
 
Tree: 8dbf43ea99
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '8dbf43ea99'
${ noResults }
ordr2/tests/security.py

132 lines
4.0 KiB
Raw Blame History

import pytest
from pyramid.testing import DummyRequest
from . import app_config, dbsession, get_example_user # noqa: F401
def test_crypt_context_to_settings():
''' test the transformation of .ini styles from pyramid to passlib '''
from ordr.security import crypt_context_settings_to_string
settings = {
'no_prefix': 'should not appear',
'prefix.something': 'left unchanged',
'prefix.schemes': 'adjust list',
'prefix.depreceated': 'do, not, adjust, this, list'
}
result = crypt_context_settings_to_string(settings, 'prefix.')
expected_lines = {
'[passlib]',
'something = left unchanged',
'schemes = adjust,list',
'depreceated = do, not, adjust, this, list',
}
assert set(result.split('\n')) == expected_lines
def test_authentication_policy_authenticated_user_id_no_user():
''' test 'authenticated_userid()' returns None if no user is logged in '''
from ordr.security import AuthenticationPolicy
ap = AuthenticationPolicy('')
request = DummyRequest(user=None)
assert ap.authenticated_userid(request) is None
def test_authentication_policy_authenticated_user_id_with_user():
''' test 'authenticated_userid()' returns id if user is logged in '''
from ordr.security import AuthenticationPolicy
from ordr.models import User
ap = AuthenticationPolicy('')
request = DummyRequest(user=User(id=123))
assert ap.authenticated_userid(request) == 123
def test_authentication_policy_effective_principals_no_user():
''' test 'effective_principals()' if not user is logged in '''
from ordr.security import AuthenticationPolicy
from pyramid.security import Everyone
request = DummyRequest(user=None)
ap = AuthenticationPolicy('')
result = ap.effective_principals(request)
assert result == [Everyone]
def test_authentication_policy_effective_principals_with_user():
''' test 'effective_principals()' if user is logged in '''
from ordr.security import AuthenticationPolicy
from ordr.models import User, Role
from pyramid.security import Authenticated, Everyone
ap = AuthenticationPolicy('')
user = User(id=123, role=Role.PURCHASER)
request = DummyRequest(user=user)
result = ap.effective_principals(request)
expected = [
Everyone,
Authenticated,
'user:123',
'role:purchaser',
'role:user'
]
assert result == expected
@pytest.mark.parametrize( # noqa: F811
'uauid,role_name', [
(3, 'USER'),
(4, 'PURCHASER'),
(5, 'ADMIN'),
]
)
def test_get_user_returns_user(dbsession, uauid, role_name):
''' test 'get_user()' returns active user '''
from ordr.security import get_user
from ordr.models import Role
# this is a dirty hack, but DummyRequest does not accept setting an
# unauthenticated_userid
from pyramid.testing import DummyResource
request = DummyResource(unauthenticated_userid=uauid, dbsession=dbsession)
user_role = Role[role_name]
user = get_example_user(user_role)
dbsession.add(user)
dbsession.flush()
assert get_user(request) == user
@pytest.mark.parametrize( # noqa: F811
'uauid,role_name', [
(1, 'UNVALIDATED'),
(2, 'NEW'),
(6, 'INACTIVE'),
(2, 'USER'),
(None, 'USER'),
]
)
def test_get_user_returns_none(dbsession, uauid, role_name):
''' test 'get_user()' returns None for an inactive user '''
from ordr.security import get_user
from ordr.models import Role
# this is a dirty hack, but DummyRequest does not accept setting an
# unauthenticated_userid
from pyramid.testing import DummyResource
request = DummyResource(unauthenticated_userid=uauid, dbsession=dbsession)
user_role = Role[role_name]
user = get_example_user(user_role)
dbsession.add(user)
dbsession.flush()
assert get_user(request) is None