From 146bad8a0ffa636fca1689bfdaa98f210d9eb7a9 Mon Sep 17 00:00:00 2001 From: mrsaicharan1 Date: Thu, 20 Jun 2019 12:35:33 +0530 Subject: [PATCH] Shifted function to helpers and added unit test Hound fixes Extend test case to non-admin & reduce LOC Update tests/all/integration/api/helpers/test_auth.py --- app/api/auth.py | 16 ++-------------- app/api/helpers/auth.py | 9 +++++++++ tests/all/integration/api/helpers/test_auth.py | 17 +++++++++++++++++ 3 files changed, 28 insertions(+), 14 deletions(-) diff --git a/app/api/auth.py b/app/api/auth.py index de2a8d15e5..1f0dbce601 100644 --- a/app/api/auth.py +++ b/app/api/auth.py @@ -30,6 +30,7 @@ from app.models.notification import PASSWORD_CHANGE as PASSWORD_CHANGE_NOTIF from app.models.user import User from app.api.helpers.storage import UPLOAD_PATHS +from app.api.helpers.auth import AuthManager authorised_blueprint = Blueprint('authorised_blueprint', __name__, url_prefix='/') ticket_blueprint = Blueprint('ticket_blueprint', __name__, url_prefix='/v1') @@ -343,24 +344,11 @@ def order_invoices(order_identifier): # Access for Environment details & Basic Auth Support -def check_auth_admin(username, password): - """ - This function is called to check for proper authentication & admin rights - """ - if username and password: - user = User.query.filter_by(_email=username).first() - if user: - if user.is_correct_password(password): - if user.is_admin: - return True - return False - - def requires_basic_auth(f): @wraps(f) def decorated(*args, **kwargs): auth = request.authorization - if not auth or not check_auth_admin(auth.username, auth.password): + if not auth or not AuthManager.check_auth_admin(auth.username, auth.password): return make_response('Could not verify your access level for that URL.\n' 'You have to login with proper credentials', 401, {'WWW-Authenticate': 'Basic realm="Login Required"'}) diff --git a/app/api/helpers/auth.py b/app/api/helpers/auth.py index f20b777384..499b4bf16c 100644 
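Review bot: The rejection branch at `if not auth or not AuthManager.check_auth_admin(auth.username, auth.password):` returns the 401 without recording the failed attempt, so repeated password guesses against this admin-only Basic-auth gate leave no trace in the visible code. Consider logging before the `make_response`, for example `logging.getLogger(__name__).warning('basic auth rejected for %s from %s', auth.username if auth else None, request.remote_addr)`; this needs `import logging` if the module does not already have it. It is also worth confirming that throttling is applied somewhere upstream. The body of `decorated` continues past the end of the hunk, so any handling after the 401 is not visible here.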
--- a/app/api/helpers/auth.py +++ b/app/api/helpers/auth.py @@ -31,3 +31,12 @@ def is_verified_user(): @staticmethod def is_accessible(): return current_user.is_authenticated + + @staticmethod + def check_auth_admin(username, password): + # This function is called to check for proper authentication & admin rights + if username and password: + user = User.query.filter_by(_email=username).first() + if user and user.is_correct_password(password) and user.is_admin: + return True + return False diff --git a/tests/all/integration/api/helpers/test_auth.py b/tests/all/integration/api/helpers/test_auth.py index 3c01356c02..5fb2978835 100644 --- a/tests/all/integration/api/helpers/test_auth.py +++ b/tests/all/integration/api/helpers/test_auth.py @@ -45,5 +45,22 @@ def test_is_accessible(self): logout_user() self.assertEqual(auth_manager.is_accessible(), False) + def test_check_auth_admin(self): + """Method to test proper authentication & admin rights for a user""" + + with app.test_request_context(): + auth_manager = auth.AuthManager() + auth_manager.init_login(app) + user = create_user(email='authtest@gmail.com', password='password') + user.is_admin = True + status = auth_manager.check_auth_admin('authtest@gmail.com', 'password') + self.assertEqual(True, status) + + user = create_user(email='authtest2@gmail.com', password='password') + user.is_admin = False + status = auth_manager.check_auth_admin('authtest2@gmail.com', 'password') + self.assertEqual(False, status) + + if __name__ == '__main__': unittest.main()
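Review bot: In `check_auth_admin`, the combined condition `if user and user.is_correct_password(password) and user.is_admin:` skips the password check entirely when no user matches the e-mail, so an unknown address probably returns faster than a known one with a wrong password; how large the gap is depends on `is_correct_password`, which is outside this hunk. If that method does a slow hash, it is worth verifying against a fixed dummy hash in the no-user case so response time does not reveal which e-mails are registered. The `#` comment also replaces the docstring the removed function had; a docstring such as `"""Return True only when the credentials match an existing user whose is_admin flag is set."""` keeps the contract visible to tooling. The hunk adds no import for `User`, so this relies on the module already importing it.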
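Review bot: `test_check_auth_admin` only exercises correct passwords, so the branches that actually reject a login are untested: an admin with a wrong password, an unknown e-mail, and empty credentials. Add after the first assertion, for example, `self.assertFalse(auth_manager.check_auth_admin('authtest@gmail.com', 'wrong'))`, `self.assertFalse(auth_manager.check_auth_admin('nobody@gmail.com', 'password'))` and `self.assertFalse(auth_manager.check_auth_admin('', ''))`. `user.is_admin` is set after `create_user` with no visible save, so the test presumably depends on the query returning the same session object; committing the change would make that explicit. `assertTrue(status)` and `assertFalse(status)` also read more directly than `assertEqual(True, status)`.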