Beispiel #1
    def test_identity_no_user(self, monkeypatch):
        """identity() returns None when the session's user id resolves to no user.

        The session helper reports a user id, but the user service returns
        ``None`` for it. The policy must then produce no identity, while still
        marking the request as session-authenticated and registering the
        ``Cookie`` vary callback on the response.
        """
        session_uid = pretend.stub()
        helper = pretend.stub(
            authenticated_userid=pretend.call_recorder(lambda r: session_uid)
        )
        helper_factory = pretend.call_recorder(lambda: helper)
        monkeypatch.setattr(
            security_policy, "SessionAuthenticationHelper", helper_factory
        )

        policy = security_policy.SessionSecurityPolicy()

        vary_callback = pretend.stub()
        vary_recorder = pretend.call_recorder(lambda *v: vary_callback)
        monkeypatch.setattr(security_policy, "add_vary_callback", vary_recorder)

        # The user service knows nothing about the id stored in the session.
        users = pretend.stub(get_user=pretend.call_recorder(lambda uid: None))
        route = pretend.stub(name="a.permitted.route")
        request = pretend.stub(
            add_response_callback=pretend.call_recorder(lambda cb: None),
            matched_route=route,
            find_service=pretend.call_recorder(lambda i, **kw: users),
        )

        result = policy.identity(request)

        # An unresolvable session user id must not authenticate the request.
        assert result is None
        assert request.authentication_method == AuthenticationMethod.SESSION

        # The helper is built once and asked once for the session's user id.
        assert helper_factory.calls == [pretend.call()]
        assert helper.authenticated_userid.calls == [pretend.call(request)]

        # The lookup goes through the user service with that id.
        expected_lookup = [pretend.call(IUserService, context=None)]
        assert request.find_service.calls == expected_lookup
        assert users.get_user.calls == [pretend.call(session_uid)]

        # The response varies on Cookie; presumably this keeps shared caches
        # from reusing a cookie-dependent response -- confirm against
        # add_vary_callback.
        assert vary_recorder.calls == [pretend.call("Cookie")]
        assert request.add_response_callback.calls == [
            pretend.call(vary_callback)
        ]
Beispiel #2
    def test_forget_and_remember(self, monkeypatch):
        """forget() and remember() delegate unchanged to the session helper.

        Both methods must pass the request (and, for remember, the user id)
        plus any keyword arguments straight through, and return whatever the
        helper returns.
        """
        forget_result = pretend.stub()
        remember_result = pretend.stub()
        helper = pretend.stub(
            forget=pretend.call_recorder(lambda r, **kw: forget_result),
            remember=pretend.call_recorder(
                lambda r, uid, **kw: remember_result
            ),
        )
        helper_factory = pretend.call_recorder(lambda: helper)
        monkeypatch.setattr(
            security_policy, "SessionAuthenticationHelper", helper_factory
        )

        policy = security_policy.SessionSecurityPolicy()

        # Constructing the policy instantiates the helper exactly once.
        assert helper_factory.calls == [pretend.call()]

        request = pretend.stub()
        userid = pretend.stub()

        # forget(): result and arguments are passed through untouched.
        returned = policy.forget(request, foo=None)
        assert returned == forget_result
        assert helper.forget.calls == [pretend.call(request, foo=None)]

        # remember(): same contract, with the user id as second positional.
        returned = policy.remember(request, userid, foo=None)
        assert returned == remember_result
        assert helper.remember.calls == [
            pretend.call(request, userid, foo=None)
        ]
Beispiel #3
    def test_identity_password_outdated(self, monkeypatch):
        """identity() drops a session the session object reports as outdated.

        The user exists, but ``session.password_outdated`` (stubbed to return
        True for the user's password timestamp) flags the session. The policy
        must invalidate the session, flash an error and return no identity.
        """
        session_uid = pretend.stub()
        helper = pretend.stub(
            authenticated_userid=pretend.call_recorder(lambda r: session_uid)
        )
        helper_factory = pretend.call_recorder(lambda: helper)
        monkeypatch.setattr(
            security_policy, "SessionAuthenticationHelper", helper_factory
        )

        policy = security_policy.SessionSecurityPolicy()

        vary_callback = pretend.stub()
        vary_recorder = pretend.call_recorder(lambda *v: vary_callback)
        monkeypatch.setattr(security_policy, "add_vary_callback", vary_recorder)

        found_user = pretend.stub()
        password_ts = pretend.stub()
        users = pretend.stub(
            get_user=pretend.call_recorder(lambda uid: found_user),
            get_password_timestamp=pretend.call_recorder(
                lambda uid: password_ts
            ),
        )
        # Session stub that always reports the password as changed.
        session = pretend.stub(
            password_outdated=pretend.call_recorder(lambda ts: True),
            invalidate=pretend.call_recorder(lambda: None),
            flash=pretend.call_recorder(lambda *a, **kw: None),
        )
        request = pretend.stub(
            add_response_callback=pretend.call_recorder(lambda cb: None),
            matched_route=pretend.stub(name="a.permitted.route"),
            find_service=pretend.call_recorder(lambda i, **kw: users),
            session=session,
        )

        result = policy.identity(request)

        # A valid user is not enough: the outdated session must not authenticate.
        assert result is None
        assert request.authentication_method == AuthenticationMethod.SESSION

        assert helper_factory.calls == [pretend.call()]
        assert helper.authenticated_userid.calls == [pretend.call(request)]

        expected_lookup = [pretend.call(IUserService, context=None)]
        assert request.find_service.calls == expected_lookup
        assert users.get_user.calls == [pretend.call(session_uid)]

        # The check compares the session against the user's password timestamp.
        assert users.get_password_timestamp.calls == [
            pretend.call(session_uid)
        ]
        assert request.session.password_outdated.calls == [
            pretend.call(password_ts)
        ]

        # The session is invalidated, not merely ignored for this request.
        assert request.session.invalidate.calls == [pretend.call()]
        expected_flash = pretend.call(
            "Session invalidated by password change", queue="error"
        )
        assert request.session.flash.calls == [expected_flash]

        assert vary_recorder.calls == [pretend.call("Cookie")]
        assert request.add_response_callback.calls == [
            pretend.call(vary_callback)
        ]
Beispiel #4
    def test_identity_invalid_route(self, monkeypatch):
        """identity() returns None on a route where session auth is not accepted.

        For the ``forklift.legacy.file_upload`` route the policy must return no
        identity. The helper and request stubs deliberately carry no
        ``authenticated_userid``, ``find_service`` or ``session`` attributes, so
        the test would fail with AttributeError if the policy consulted the
        session or the user service for this route.
        """
        # Bare stub: any attribute access on the helper raises AttributeError.
        helper = pretend.stub()
        helper_factory = pretend.call_recorder(lambda: helper)
        monkeypatch.setattr(
            security_policy, "SessionAuthenticationHelper", helper_factory
        )

        policy = security_policy.SessionSecurityPolicy()

        vary_callback = pretend.stub()
        vary_recorder = pretend.call_recorder(lambda *v: vary_callback)
        monkeypatch.setattr(security_policy, "add_vary_callback", vary_recorder)

        upload_route = pretend.stub(name="forklift.legacy.file_upload")
        request = pretend.stub(
            add_response_callback=pretend.call_recorder(lambda cb: None),
            matched_route=upload_route,
        )

        result = policy.identity(request)

        assert result is None
        # The request is still labelled as using the session method.
        assert request.authentication_method == AuthenticationMethod.SESSION
        assert helper_factory.calls == [pretend.call()]

        # The Cookie vary callback is registered even though nothing was read.
        assert vary_recorder.calls == [pretend.call("Cookie")]
        assert request.add_response_callback.calls == [
            pretend.call(vary_callback)
        ]
Beispiel #5
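 def test_noops(self):
     """authenticated_userid() and permits() return the NotImplemented sentinel.

     The session policy answers neither question itself. The checks use
     identity (``is``), not ``==``, so a return value that merely compares
     equal to everything cannot satisfy them.
     """
     policy = security_policy.SessionSecurityPolicy()

     assert policy.authenticated_userid(pretend.stub()) is NotImplemented

     # NOTE(review): NotImplemented is not a deny value (it has historically
     # been truthy), so callers must not use this result directly as an
     # allow/deny decision -- confirm how the caller handles it.
     outcome = policy.permits(pretend.stub(), pretend.stub(), pretend.stub())
     assert outcome is NotImplemented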