[d32c7e]: Allura / allura / tests / model / test_auth.py History

Parent: [6cead1] (diff)

Child: [be1441] (diff)

Download this file

test_auth.py    138 lines (124 with data), 5.3 kB 

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
# -*- coding: utf-8 -*-

"""

Model tests for auth

"""

from nose.tools import with_setup, assert_equal

from pylons import c, g

from webob import Request



from pymongo.errors import DuplicateKeyError

from ming.orm.ormsession import ThreadLocalORMSession



from allura import model as M

from allura.lib import plugin

from allura.tests import decorators as td

from alluratest.controller import setup_basic_test, setup_global_objects





def setUp():

    setup_basic_test()

    ThreadLocalORMSession.close_all()

    setup_global_objects()



@with_setup(setUp)

def test_password_encoder():

    # Verify salt

    ep = plugin.LocalAuthenticationProvider(Request.blank('/'))._encode_password

    assert ep('test_pass') != ep('test_pass')

    assert ep('test_pass', '0000') == ep('test_pass', '0000')



@with_setup(setUp)

def test_email_address():

    addr = M.EmailAddress(_id='test_admin@sf.net', claimed_by_user_id=c.user._id)

    ThreadLocalORMSession.flush_all()

    assert addr.claimed_by_user() == c.user

    addr2 = M.EmailAddress.upsert('test@sf.net')

    addr3 = M.EmailAddress.upsert('test_admin@sf.net')

    assert addr3 is addr

    assert addr2 is not addr

    assert addr2

    addr4 = M.EmailAddress.upsert('test@SF.NET')

    assert addr4 is addr2

    addr.send_verification_link()

    assert addr is c.user.address_object('test_admin@sf.net')

    c.user.claim_address('test@SF.NET')

    assert 'test@sf.net' in c.user.email_addresses



@with_setup(setUp)

def test_openid():

    oid = M.OpenId.upsert('http://google.com/accounts/1', 'My Google OID')

    oid.claimed_by_user_id = c.user._id

    ThreadLocalORMSession.flush_all()

    assert oid.claimed_by_user() is c.user

    assert M.OpenId.upsert('http://google.com/accounts/1', 'My Google OID') is oid

    ThreadLocalORMSession.flush_all()

    assert oid is c.user.openid_object(oid._id)

    c.user.claim_openid('http://google.com/accounts/2')

    oid2 = M.OpenId.upsert('http://google.com/accounts/2', 'My Google OID')

    assert oid2._id in c.user.open_ids

    ThreadLocalORMSession.flush_all()



@td.with_user_project('test-admin')

@with_setup(setUp)

def test_user():

    assert c.user.url() .endswith('/u/test-admin/')

    assert c.user.script_name .endswith('/u/test-admin/')

    assert_equal(set(p.shortname for p in c.user.my_projects()), set(['test', 'test2', 'u/test-admin', 'adobe-1', '--init--']))

    # delete one of the projects and make sure it won't appear in my_projects()

    p = M.Project.query.get(shortname='test2')

    p.deleted = True

    assert_equal(set(p.shortname for p in c.user.my_projects()), set(['test', 'u/test-admin', 'adobe-1', '--init--']))

    assert_equal(M.User.anonymous().project_role().name, '*anonymous')

    u = M.User.register(dict(

            username='nosetest-user'))

    ThreadLocalORMSession.flush_all()

    assert_equal(u.private_project().shortname, 'u/nosetest-user')

    roles = g.credentials.user_roles(

        u._id, project_id=u.private_project().root_project._id)

    assert len(roles) == 3, roles

    u.set_password('foo')

    provider = plugin.LocalAuthenticationProvider(Request.blank('/'))

    assert provider._validate_password(u, 'foo')

    assert not provider._validate_password(u, 'foobar')

    u.set_password('foobar')

    assert provider._validate_password(u, 'foobar')

    assert not provider._validate_password(u, 'foo')



@with_setup(setUp)

def test_user_project_creates_on_demand():

    u = M.User.register(dict(username='foobar123'), make_project=False)

    ThreadLocalORMSession.flush_all()

    assert not M.Project.query.get(shortname='u/foobar123')

    assert u.private_project()

    assert M.Project.query.get(shortname='u/foobar123')



@with_setup(setUp)

def test_project_role():

    role = M.ProjectRole(project_id=c.project._id, name='test_role')

    c.user.project_role().roles.append(role._id)

    ThreadLocalORMSession.flush_all()

    for pr in g.credentials.user_roles(

        c.user._id, project_id=c.project.root_project._id):

        assert pr.display()

        pr.special

        assert pr.user in (c.user, None, M.User.anonymous())



@with_setup(setUp)

def test_default_project_roles():

    roles = dict(

        (pr.name, pr)

        for pr in M.ProjectRole.query.find(dict(

                project_id=c.project._id)).all()

        if pr.name)

    assert 'Admin' in roles.keys(), roles.keys()

    assert 'Developer' in roles.keys(), roles.keys()

    assert 'Member' in roles.keys(), roles.keys()

    assert roles['Developer']._id in roles['Admin'].roles

    assert roles['Member']._id in roles['Developer'].roles



    # There're 1 user assigned to project, represented by

    # relational (vs named) ProjectRole's

    assert len(roles) == M.ProjectRole.query.find(dict(

        project_id=c.project._id)).count() - 1



@with_setup(setUp)

def test_dup_api_token():

    from ming.orm import session

    u = M.User.register(dict(username='nosetest-user'))

    ThreadLocalORMSession.flush_all()

    tok = M.ApiToken(user_id=u._id)

    session(tok).flush()

    tok2 = M.ApiToken(user_id=u._id)

    try:

        session(tok2).flush()

        assert False, "Entry with duplicate unique key was inserted"

    except DuplicateKeyError:

        pass

    assert len(M.ApiToken.query.find().all()) == 1, "Duplicate entries with unique key found"