Improve test coverage

lenarother · Jan 15, 2019 · 06966bc · 06966bc
1 parent b726141
commit 06966bc
Show file tree

Hide file tree

Showing 4 changed files with 114 additions and 1 deletion.
diff --git a/centralauth/client/management/commands/sync_perms.py b/centralauth/client/management/commands/sync_perms.py
@@ -27,6 +27,7 @@ def handle(self, *args, **options):
 
         if not response_json['success']:
             self.stdout.write('Operation failed.')
+            return
 
         self.stdout.write(
             'Operation successful. {0} permissions synced, {1} permissions '

diff --git a/tests/client/test_commands.py b/tests/client/test_commands.py
@@ -1,12 +1,53 @@
+from io import StringIO
+
 import mock
 import pytest
 from django.core.management import call_command
+from django.core.management.base import CommandError
+from requests.exceptions import ConnectionError
 
 
 @pytest.mark.django_db
 class TestSyncPerms:
 
     @mock.patch('centralauth.client.services.register_perms')
     def test_register_perms_called(self, register_perms_mock):
-        call_command('sync_perms')
+        class ResponseMock:
+            status_code = 200
+            result = {
+                'success': True,
+                'synced': 'foo',
+                'created': 'bar',
+                'deleted': 'fizz',
+                'count': 'buzz',
+            }
+
+            def json(self):
+                return self.result
+        response = ResponseMock()
+
+        out = StringIO()
+        register_perms_mock.return_value = response
+        call_command('sync_perms', stdout=out)
         assert register_perms_mock.call_count == 1
+        message = out.getvalue()
+        for expected in ['foo', 'bar', 'fizz', 'buzz']:
+            assert expected in message
+
+        out = StringIO()
+        response.result['success'] = False
+        register_perms_mock.return_value = response
+        call_command('sync_perms', stdout=out)
+        assert register_perms_mock.call_count == 2
+        assert 'Operation failed.' in out.getvalue()
+
+        response.status_code = 403
+        register_perms_mock.return_value = response
+        with pytest.raises(CommandError):
+            call_command('sync_perms')
+        assert register_perms_mock.call_count == 3
+
+        register_perms_mock.side_effect = ConnectionError()
+        with pytest.raises(CommandError):
+            call_command('sync_perms')
+        assert register_perms_mock.call_count == 4
diff --git a/tests/client/test_views.py b/tests/client/test_views.py
@@ -28,3 +28,11 @@ def test_get(self, client, settings):
         response = client.get('/client/login/', secure=True)
         assert response.status_code == 302
         assert response['Location'].startswith(settings.CENTRALAUTH_PROVIDER_URL)
+
+
+@pytest.mark.django_db
+class TestCallbackView:
+
+    def test_forbidden(self, client, settings):
+        response = client.get('/client/login/callback/', secure=True)
+        assert response.status_code == 403
diff --git a/tests/provider/test_backends.py b/tests/provider/test_backends.py
@@ -0,0 +1,63 @@
+import pytest
+from oauth2_provider.exceptions import FatalClientError
+
+from centralauth.provider.oauth2_backends import CentralauthOAuthBackend
+
+from ..factories import ApplicationFactory, ApplicationUserFactory
+
+
+@pytest.mark.django_db
+class TestCentralauthOAuthBackend:
+
+    def test_user_can_access_app(self, rf):
+        backend = CentralauthOAuthBackend()
+        test_app = ApplicationFactory.create(
+            client_id='app1',
+            client_secret='secret1',
+            redirect_uris='http://localhost:9000/client/login/callback/')
+        test_user = ApplicationUserFactory.create(application=test_app)
+        test_user_no_access = ApplicationUserFactory.create()
+
+        class OAuthLibRequestMock:
+            client = test_app
+
+        request = rf.get(
+            '/provider/o/authorize/',
+            {
+                'esponse_type': 'code',
+                'client_id': 'app1',
+                'redirect_uri': 'http://localhost:9000/client/login/callback/',
+                'state': 'state123',
+            }
+        )
+        request.user = test_user.user
+
+        # create_authorization_response success
+        backend.create_authorization_response(
+            request=request,
+            scopes=['read', 'write'],
+            credentials={
+                'request': OAuthLibRequestMock,
+                'redirect_uri': 'http://localhost:9000/client/login/callback/',
+                'state': 'state123',
+                'client_id': 'app1',
+                'response_type': 'code',
+            },
+            allow=True
+        )
+
+        # create_authorization_response user has no permissions for app
+        request.user = test_user_no_access.user
+        with pytest.raises(FatalClientError):
+            backend.create_authorization_response(
+                request=request,
+                scopes=['read', 'write'],
+                credentials={
+                    'request': OAuthLibRequestMock,
+                    'redirect_uri': 'http://localhost:9000/client/login/callback/',
+                    'state': 'state123',
+                    'client_id': 'app1',
+                    'response_type': 'code',
+                },
+                allow=True
+            )