def test_warn_threshold_50(self):
grant = 'photo_daily_total'
limit = 4
metric = {grant: {'style': 'grant', 'notify': 50}}
db_session = database.get_session(db_url=self.config.DB_URL)
response = self.call_endpoint('/grant', 'post', data=dict(
name=grant, value=str(limit), uid=self.test_uid))
self.assertEqual(response.status_code, 201)
with self.config_overrides(metrics=metric):
self.authorize(new_session=True)
for count in range(limit):
self.assertTrue(
Metrics(uid=self.test_uid, db_session=db_session,
func_send=self.mock_messaging).store(grant))
self.mock_messaging.assert_called_once_with(
to_uid=self.test_uid, template='usage_notify',
period='day', percent=metric[grant]['notify'], resource=grant)
response = self.call_endpoint(
'/metric?filter={"name":"%s","uid":"%s"}' % (
grant, self.test_uid),
'get')
self.assertEqual(response.status_code, 200)
self.assertEqual(response.get_json().get('items'), [
dict(labels=['uid=%s' % self.test_uid], name=grant, value=0)])
def test_grant_limit(self):
grant = 'photo_res_max'
limit = 3
metric = {grant: {'style': 'grant'}}
db_session = database.get_session(db_url=self.config.DB_URL)
response = self.call_endpoint('/grant', 'post', data=dict(
name=grant, value=str(limit), uid=self.test_uid))
self.assertEqual(response.status_code, 201)
with self.config_overrides(metrics=metric):
self.authorize(new_session=True)
for count in range(limit):
self.assertTrue(
Metrics(
uid=self.test_uid, db_session=db_session).store(grant))
response = self.call_endpoint(
'/metric?filter={"name":"%s","uid":"%s"}' % (grant,
self.test_uid),
'get')
self.assertEqual(response.status_code, 200)
self.assertEqual(response.get_json().get('items'), [
dict(labels=['uid=%s' % self.test_uid], name=grant, value=0)])
self.assertFalse(
Metrics(uid=self.test_uid, db_session=db_session).store(grant))
def test_totp_failures(self):
with self.scratch_account('danger23', 'Rodney Danger'):
# Try to register a token using invalid nonce
response = self.call_endpoint(
'/auth_totp', 'post', dict(nonce='invalid',
otp_first='654321'))
self.assertEqual(response.status_code, 403, 'register unexpected')
# Try to register using invalid otp
response = self.call_endpoint('/auth_totp', 'get')
result = response.get_json()
self.assertEqual(response.status_code, 200)
nonce = result['jti']
otp = pyotp.TOTP(result['totp']).now()
response = self.call_endpoint(
'/auth_totp', 'post',
dict(nonce=nonce, otp_first=str(int(otp) ^ 0xffff).zfill(6)))
self.assertEqual(response.status_code, 403, 'register unexpected')
response = self.call_endpoint('/auth_params', 'get')
self.assertEqual(response.status_code, 200)
# Try to generate a token for an account already registered
db_session = database.get_session(db_url=self.config.DB_URL)
account = db_session.query(Account).filter_by(
id=response.get_json()['account_id']).one()
account.totp_secret = pyotp.random_base32()
db_session.commit()
db_session.remove()
response = self.call_endpoint('/auth_totp', 'get')
self.assertEqual(response.status_code, 403, 'generate unexpected')
def initial_setup(self):
if not test_globals:
test_globals['app'] = application.app
test_globals['dbfile'] = tempfile.mkstemp(prefix='_db')[1]
db_url = os.environ.get(
'DB_URL', 'sqlite:///%s' % test_globals['dbfile'])
subprocess.Popen(['cp', '.proto.sqlite', test_globals['dbfile']])
path = os.path.join(os.path.dirname(
os.path.abspath(__file__)), '..', 'media')
db_seed_file = os.path.join(path, '..', 'tests', 'data',
'db_fixture.yaml')
test_globals['redis'] = redis_conn = fakeredis.FakeStrictRedis(
server=fakeredis.FakeServer())
initialize.app(
application, controllers, models, path,
db_seed_file=db_seed_file, db_url=db_url,
redis_conn=redis_conn)
db_session = database.get_session(db_url=db_url)
database.seed_new_db(db_session)
db_session.remove()
self.baseSetup()
yield test_globals
try:
if os.environ.get('DBCLEAN', None) != '0':
os.remove(test_globals['dbfile'])
except FileNotFoundError:
# TODO this is getting called for each test class
# (thought scope='session' would invoke only once)
pass
def test_add_and_fetch_grant(self):
record = dict(name='contacts', value='4', uid=self.test_uid)
expected = dict(expires=None,
owner=self.test_person_name,
rbac='dru',
status='active',
**record)
response = self.call_endpoint('/grant', 'post', data=record)
self.assertEqual(response.status_code, 201)
id = response.get_json()['id']
response = self.call_endpoint('/grant/%s' % id, 'get')
result = response.get_json()
del (result['created'])
expected['id'] = id
self.assertEqual(result, expected)
with self.app.test_request_context():
g.db = database.get_session()
self.assertEqual(Grants().get(record['name'], uid=self.test_uid),
int(record['value']))
g.db.remove()
# Clean up the grant
response = self.call_endpoint('/grant/%s' % id, 'delete')
self.assertEqual(response.status_code, 204)
def test_invalid_grant(self):
response = self.call_endpoint('/grant?name=invalid', 'get')
self.assertEqual(response.status_code, 400)
with self.app.test_request_context():
g.db = database.get_session()
self.assertIsNone(Grants().get('invalid'))
def test_check_limit_decrement(self):
grant = 'sms_monthly_total'
db_session = database.get_session(db_url=self.config.DB_URL)
metrics = Metrics(uid=self.test_uid, db_session=db_session)
current = metrics.check(grant)
metrics.store(grant)
next = metrics.check(grant)
self.assertEqual(next, current - 1)
db_session.remove()
def test_find_several(self):
response = self.call_endpoint('/metric?offset=2&limit=5', 'get')
self.assertEqual(response.status_code, 200)
self.assertEqual(response.get_json().get('count'), 5)
response = self.call_endpoint('/metric?filter={"uid":""}', 'get')
self.assertEqual(response.status_code, 200)
# this is just to ensure at least one user metric
db_session = database.get_session(db_url=self.config.DB_URL)
Metrics(uid=self.test_uid, db_session=db_session).store(
'video_daily_total')
db_session.remove()
self.assertGreaterEqual(response.get_json().get('count'), 1)
def test_get_account_lang_es(self):
expected = dict(id=self.adm_contact_2, message=u'acceso denegado')
record = dict(name='Guillermo Morales',
identity='*****@*****.**',
username='******')
password = dict(new_password='******', verify_password='******')
response = self.call_endpoint('/account', 'post', data=record)
self.assertEqual(response.status_code, 201)
uid = response.get_json()['uid']
for call in self.mock_messaging.call_args_list:
password['reset_token'] = call.kwargs.get('token')
# Set the password with put, and confirm it's present with get
response = self.call_endpoint('/account_password/%s' % uid,
'put',
data=password)
self.assertEqual(
response.status_code, 200,
'put failed message=%s' % response.get_json().get('message'))
response = self.call_endpoint('/account_password/%s' % uid,
'get',
data=password)
self.assertEqual(
response.status_code, 200,
'get failed message=%s' % response.get_json().get('message'))
# Set lang profile
db_session = database.get_session(db_url=self.config.DB_URL)
db_session.add(
Profile(id='x-fb3M81e7',
uid=uid,
item='lang',
value='es_ES',
status='active'))
db_session.commit()
db_session.remove()
self.authorize(username=record['username'],
password=password['new_password'])
response = self.call_endpoint(
'/contact/%s' % self.adm_contact_2,
'get',
extraheaders={'Accept-Language': 'es_ES'})
self.assertEqual(response.get_json(), expected)
self.assertEqual(response.status_code, 403)
def test_ratelimit_exceptions(self, mock_get, mock_pipeline, mock_error):
with self.app.test_request_context():
g.db = database.get_session()
self.assertFalse(RateLimit().call(uid=None),
msg='Anonymous requests should not be limited')
mock_get.side_effect = ConnectionError('testlimit')
self.assertFalse(RateLimit().call(uid=self.test_uid))
mock_error.assert_called_with(
dict(action='ratelimit.call', message='testlimit'))
mock_get.side_effect = None
mock_pipeline.side_effect = DataError('key not set')
self.assertFalse(RateLimit().call(uid=self.test_uid))
mock_error.assert_called_with(
dict(action='ratelimit.call', message='key not set'))
g.db.remove()
def test_get_expired_grant(self):
record = dict(
name='lists',
value="20",
uid=self.test_uid,
expires=(datetime.utcnow() -
timedelta(hours=1)).strftime('%Y-%m-%dT%H:%M:%SZ'))
expected = dict(owner=self.test_person_name,
rbac='dru',
status='active',
**record)
with self.app.test_request_context():
g.db = database.get_session()
self.assertEqual(
int(Grants().get(record['name'], uid=self.test_uid)),
self.config.DEFAULT_GRANTS[record['name']])
response = self.call_endpoint('/grant', 'post', data=record)
self.assertEqual(response.status_code, 201)
id = response.get_json()['id']
response = self.call_endpoint('/grant/%s' % id, 'get')
self.assertEqual(response.status_code, 200)
result = response.get_json()
del (result['created'])
expected['id'] = id
self.assertEqual(result, expected)
self.assertEqual(Grants().get(record['name'], uid=self.test_uid),
self.config.DEFAULT_GRANTS[record['name']])
g.db.remove()
# Clean up the grant
response = self.call_endpoint('/grant/%s' % id, 'delete')
self.assertEqual(response.status_code, 204)
