def test_custom_roles(
self,
mock_sync_role_definitions,
mock_set_custom_role,
mock_is_custom_pvm,
mock_create_missing_perms, # pylint: disable=unused-argument
mock_get_session, # pylint: disable=unused-argument
mock_clean_perms,
):
"""
Test that when add custom roles is set to true, the roles specified
in the configs are created
"""
# set test configs
app.config["ADD_CUSTOM_ROLES"] = True
app.config["CUSTOM_ROLES"] = {"Test_role": {"all_datasource_access"}}
appbuilder = MagicMock()
csm = CustomSecurityManager(appbuilder=appbuilder)
csm.sync_role_definitions()
assert mock_sync_role_definitions.call_count == 1
assert mock_set_custom_role.call_count == 1
mock_args = mock_set_custom_role.call_args_list[0]
assert mock_args[0][0] == "Test_role"
assert mock_args[0][1] == mock_is_custom_pvm
assert mock_args[0][2] == {"all_datasource_access"}
assert mock_clean_perms.call_count == 1
def test_oauth_user_info_no_provider(self):
"""
Test that when no provider is provided
None is returned
"""
appbuilder = MagicMock()
csm = CustomSecurityManager(appbuilder=appbuilder)
user_info = csm.oauth_user_info(provider=None)
assert user_info is None
def test_get_oauth_redirect_url_when_not_set(self):
"""
Test that when custom_redirect_url key is not set in the provider
None is returned
"""
appbuilder = MagicMock()
CustomSecurityManager.oauth_providers = [{"name": "onadata"}]
csm = CustomSecurityManager(appbuilder=appbuilder)
redirect_url = csm.get_oauth_redirect_url(provider="onadata")
assert redirect_url is None
def test_get_oauth_redirect_url_when_set(self):
"""
Test that when custom_redirect_url key is set in the provider
it returns the right value
"""
appbuilder = MagicMock()
CustomSecurityManager.oauth_providers = [{
"name":
"onadata",
"custom_redirect_url":
"http://google.com"
}]
csm = CustomSecurityManager(appbuilder=appbuilder)
redirect_url = csm.get_oauth_redirect_url(provider="onadata")
assert redirect_url == "http://google.com"
def test_is_valid_provider_is_called_for_opendata(self, function_mock):
"""
Test that is_valid_provider function is called for all provider names
"""
function_mock.return_value = False
appbuilder = MagicMock()
csm = CustomSecurityManager(appbuilder=appbuilder)
csm.oauth_user_info(provider="Onadata")
assert call("Onadata", "onadata") in function_mock.call_args_list
csm.oauth_user_info(provider="opensrp")
assert call("opensrp", "OpenSRP") in function_mock.call_args_list
csm.oauth_user_info(provider="OPENLMIS")
assert call("OPENLMIS", "openlmis") in function_mock.call_args_list
def test_oauth_user_info_onadata_provider(self):
"""
Test that we get the right user information
with the onadata provider
"""
# Sample data returned from endpoints
user_endpoint = {"username": "******", "name": "test"}
profiles_endpoint = {
"id": 58863,
"is_org": False,
"first_name": "test",
"name": "test auth",
"last_name": "auth",
"email": "*****@*****.**",
}
# Expected result
result_info = {
"name": "test auth",
"email": "*****@*****.**",
"id": 58863,
"username": "******",
"first_name": "test",
"last_name": "auth",
}
appbuilder = MagicMock()
user_mock = MagicMock()
user_mock.data = user_endpoint
profile_mock = MagicMock()
profile_mock.data = profiles_endpoint
request_mock = MagicMock(side_effect=[user_mock, profile_mock])
appbuilder.sm.oauth_remotes["onadata"].get = request_mock
csm = CustomSecurityManager(appbuilder=appbuilder)
user_info = csm.oauth_user_info(provider="onadata")
assert request_mock.call_count == 2
user_info_call, _ = request_mock.call_args_list[0]
userprofile_call, _ = request_mock.call_args_list[1]
assert user_info_call[0] == "api/v1/user.json"
assert userprofile_call[0] == "api/v1/profiles/testauth.json"
assert user_info == result_info
def test_oauth_user_info_opensrp_provider(self):
"""
Test that we get the right user information
with the OpenSRP provider
"""
# set test configs
app.config["PATCHUP_EMAIL_BASE"] = "*****@*****.**"
# Sample data returned OpenSRP
data = {"userName": "******", "roles": ["Privilege Level: Full"]}
# Expected result
result_info = {"email": "*****@*****.**", "username": "******"}
appbuilder = MagicMock()
user_mock = MagicMock()
user_mock.data = data
appbuilder.sm.oauth_remotes["OpenSRP"].get = MagicMock(
side_effect=[user_mock])
csm = CustomSecurityManager(appbuilder=appbuilder)
user_info = csm.oauth_user_info(provider="OpenSRP")
assert user_info == result_info
# Sample data returned OpenSRP with preferredName
data2 = {
"preferredName": "mosh",
"userName": "******",
"roles": ["Privilege Level: Full"],
}
# Expected result
result_info2 = {
"email": "*****@*****.**",
"name": "mosh",
"username": "******",
}
appbuilder2 = MagicMock()
user_mock2 = MagicMock()
request_mock = MagicMock(side_effect=[user_mock2])
user_mock2.data = data2
appbuilder2.sm.oauth_remotes["OpenSRP"].get = request_mock
csm2 = CustomSecurityManager(appbuilder=appbuilder2)
user_info2 = csm2.oauth_user_info(provider="OpenSRP")
request_mock.assert_called_once_with("user-details")
assert user_info2 == result_info2
def test_oauth_user_info_openlmis_provider(self):
"""
Test that we get the right user information
with the openlmis provider
"""
# Data returned from userContactDetails endpoint
contacts_endpoint = {
"emailDetails": {
"email": "*****@*****.**"
}
}
# Data returned from users endpoint in openlmis
users_endpoint = {
"username": "******",
"firstName": "test",
"lastName": "auth",
"active": True,
"id": "a337ec45-31a0-4f2b-9b2e-a105c4b669bb",
}
# Result expected
result_info = {
"name": "testauth",
"email": "*****@*****.**",
"id": "a337ec45-31a0-4f2b-9b2e-a105c4b669bb",
"username": "******",
"first_name": "test",
"last_name": "auth",
}
appbuilder = MagicMock()
reference_user = MagicMock()
reference_user.data = {
"referenceDataUserId": "a337ec45-31a0-4f2b-9b2e-a105c4b669bb"
}
user_data = MagicMock()
user_data.data = users_endpoint
user_email = MagicMock()
user_email.data = contacts_endpoint
request_mock = MagicMock(
side_effect=[reference_user, user_data, user_email])
appbuilder.sm.oauth_remotes["openlmis"].get = request_mock
csm = CustomSecurityManager(appbuilder=appbuilder)
csm.oauth_tokengetter = MagicMock(
return_value=["a337ec45-31a0-4f2b-9b2e-a105c4b669bb"])
user_info = csm.oauth_user_info(provider="openlmis")
assert request_mock.call_count == 3
check_token_call, _ = request_mock.call_args_list[0]
user_call, _ = request_mock.call_args_list[1]
contacts_call, _ = request_mock.call_args_list[2]
assert check_token_call[0] == "oauth/check_token"
assert user_call[0] == "users/a337ec45-31a0-4f2b-9b2e-a105c4b669bb"
assert (contacts_call[0] ==
"userContactDetails/a337ec45-31a0-4f2b-9b2e-a105c4b669bb")
assert user_info == result_info