-
Notifications
You must be signed in to change notification settings - Fork 4
/
test_auth_manager.py
122 lines (99 loc) · 4.65 KB
/
test_auth_manager.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
from unittest import mock
import flask
from keg_auth.core import AuthManager
from keg_auth.libs.authenticators import KegAuthenticator, JwtRequestLoader
from keg_auth.tests.utils import oauth_profile
from keg_auth_ta.app import mail_ext
from keg_auth_ta.extensions import auth_entity_registry
from keg_auth_ta.model import entities as ents
class TestAuthManager(object):
def setup_method(self):
ents.Permission.delete_cascaded()
ents.User.delete_cascaded()
self.am = flask.current_app.auth_manager
def test_init_loaders_no_oauth(self):
manager = AuthManager()
manager.init_loaders(flask.current_app)
assert not hasattr(manager, 'oauth_authenticator')
def test_init_loaders_with_oauth(self):
manager = AuthManager()
with mock.patch.dict(
flask.current_app.config,
{'KEGAUTH_OAUTH_PROFILES': [oauth_profile()]},
):
manager.init_loaders(flask.current_app)
assert manager.oauth_authenticator
def test_create_user(self):
with mail_ext.record_messages() as outbox:
user = self.am.create_user(dict(email=u'foo@bar.com'))
assert len(outbox) == 1
assert outbox[0].subject == '[KA Demo] User Welcome & Verification'
assert user.email == 'foo@bar.com'
assert user._token_plain
assert ents.User.query.count() == 1
@mock.patch(
'flask.current_app.auth_manager.login_authenticator.domain_exclusions',
['mycompany.biz']
)
def test_create_user_domain_exclusion(self):
with mail_ext.record_messages() as outbox:
self.am.create_user(dict(email=u'foo@mycompany.biz'))
assert len(outbox) == 0
def test_create_user_no_commit(self):
self.am.create_user(dict(email=u'foo@bar.com'), _commit=False)
ents.db.session.rollback()
assert ents.User.query.count() == 0
def test_create_user_commit(self):
self.am.create_user(dict(email=u'foo@bar.com'), _commit=True)
ents.db.session.rollback()
assert ents.User.query.count() == 1
@mock.patch('keg_auth.core.model.initialize_mappings')
def test_model_initialized_only_once(self, m_init):
self.am.init_app(flask.current_app)
assert not m_init.called
def test_permissions_synced_to_db(self):
# create a permission that will get destroyed by sync, and ensure no integrity errors
permission_to_delete = ents.Permission.add(token='snoopy')
ents.Group.testing_create(permissions=[permission_to_delete])
ents.Bundle.testing_create(permissions=[permission_to_delete])
ents.User.testing_create(permissions=[permission_to_delete])
# token should not be duplicated during sync, but description should be set
ents.Permission.add(token='bar')
# define the app permissions
permissions = (
'foo',
('bar', 'location for libations'),
('baz', 'nonsense word'),
)
with mock.patch.object(self.am, 'permissions', permissions):
# we want to make sure the sync will still
# run when mode is not testing
flask.current_app.config['TESTING'] = False
self.am.init_app(flask.current_app)
assert ents.Permission.get_by(token='foo')
assert ents.Permission.get_by(token='bar').description == 'location for libations'
assert ents.Permission.get_by(token='baz').description == 'nonsense word'
assert not ents.Permission.get_by(token='snoopy')
flask.current_app.config['TESTING'] = True
@mock.patch('keg_auth.core.KegAuthenticator')
def test_request_loaders_initialized_only_once(self, m_init):
self.am.init_app(flask.current_app)
assert not m_init.called
@mock.patch('keg_auth.core.AuthManager.init_model')
def test_request_loaders_initialized(self, m_model):
app = mock.MagicMock()
manager = AuthManager(None, request_loaders=[JwtRequestLoader],
entity_registry=auth_entity_registry)
manager.init_app(app)
assert isinstance(manager.login_authenticator, KegAuthenticator)
assert isinstance(manager.get_request_loader('jwt'), JwtRequestLoader)
def test_resend_verification(self):
user = ents.User.testing_create(
email='foo1@bar.com'
)
with mail_ext.record_messages() as outbox:
self.am.resend_verification_email(user.id)
assert user._token_plain
assert len(outbox) == 1
assert outbox[0].subject == '[KA Demo] User Welcome & Verification'
assert '/verify-account/{}/{}'.format(user.id, user._token_plain) in outbox[0].body