def test_with_and_without_uuid(self): c_with_uuid = fake_profile.FakeProfileConfig().uuid() c_without_uuid = fake_profile.FakeProfileConfig() a = fake_profile.FakeUser(seed=23, config=c_with_uuid) assert a.uuid.value is not None b = fake_profile.FakeUser(seed=23, config=c_without_uuid) assert b.uuid.value is None
def test_null_create_profile(self): empty_profile = profile.User() create_profile = fake_profile.FakeUser( seed=1337, config=fake_profile.FakeProfileConfig().default().create()) update_profile = fake_profile.FakeUser( seed=1337, config=fake_profile.FakeProfileConfig().default()) with pytest.raises(exceptions.PublisherVerificationFailure): update_profile.verify_all_publishers(empty_profile) assert create_profile.verify_all_publishers(empty_profile) is True assert update_profile.verify_all_publishers(create_profile) is True
def test_flask_graphql_query(self): fake_user = fake_profile.FakeUser(seed=1337) class Query(graphene.ObjectType): profile = graphene.Field(cis_g.Profile, user_id=graphene.String(required=True)) def resolve_profile(self, info, user_id): if fake_user.user_id.value == user_id: return fake_user # The following code may be used to test for scopes in the JWT token # However, we're not doing this right now (and we may never need it, but if we do, it's here!) # See fake_auth0.py in cis modules # f = FakeBearer() # token = f.generate_bearer_without_scope() # app.get(... headers={ # 'Authorization': 'Bearer ' + token # }, app = fake_flask_app.app fake_flask_app.add_rule(Query) app.testing = True app = app.test_client() payload = 'query {{profile (user_id:"{}") {{first_name{{value}}}}}}'.format( fake_user.user_id.value) result = app.get("/graphql?query={}".format(payload), follow_redirects=True) assert result.status_code == 200 response = json.loads(result.get_data()) assert response.get("errors") is None assert response["data"]["profile"]["first_name"][ "value"] == fake_user.first_name.value
def setup(self): os.environ["CIS_CONFIG_INI"] = "tests/fixture/mozilla-cis.ini" self.config = get_config() from cis_profile import WellKnown from cis_identity_vault import vault os.environ["CIS_CONFIG_INI"] = "tests/fixture/mozilla-cis.ini" well_known = WellKnown() self.well_known_json = well_known.get_well_known() self.dynamodb_client = boto3.client( "dynamodb", region_name="us-west-2", aws_access_key_id="ak", aws_secret_access_key="sk" ) self.dynamodb_resource = boto3.resource( "dynamodb", region_name="us-west-2", aws_access_key_id="ak", aws_secret_access_key="sk" ) self.vault_client = vault.IdentityVault() self.vault_client.boto_session = Stubber(boto3.session.Session(region_name="us-west-2")).client self.vault_client.dynamodb_client = self.dynamodb_client self.vault_client.find_or_create() self.table = self.dynamodb_resource.Table("testing-identity-vault") self.mr_mozilla_profile = fake_profile.FakeUser(seed=1337).as_dict() from cis_identity_vault.models import user vault_interface = user.Profile(self.table, self.dynamodb_client, False) vault_interface.create(profile_to_vault_structure(user_profile=self.mr_mozilla_profile)) self.mr_mozilla_change_event = kinesis_event_generate(self.mr_mozilla_profile)
def test_fake_dynamo_flat_dict_output(self): # This profile must have ldap groups and staff data p = fake_profile.FakeUser(seed=44) ddb = p.as_dynamo_flat_dict() deserializer = TypeDeserializer() res = {k: deserializer.deserialize(v) for k, v in ddb.items()} assert len(res["access_information"]["ldap"]) > 0 assert len(res["staff_information"]["office_location"]) > 0
def test_fake_user(self): u = fake_profile.FakeUser() print(u.user_id.value) j = u.as_json() d = u.as_dict() assert j is not None assert d is not None assert u.user_id.value is not None u.validate()
def test_null_create_profile(self): empty_profile = profile.User() create_profile = fake_profile.FakeUser( seed=1337, config=fake_profile.FakeProfileConfig().default().minimal().create( ).no_display()) update_profile = fake_profile.FakeUser( seed=1337, config=fake_profile.FakeProfileConfig().minimal().default( ).no_display()) update_profile.uuid = create_profile.uuid update_profile.user_id = create_profile.user_id update_profile.primary_username.value = "test" # invalid because default publisher is cis update_profile.primary_username.signature.publisher.name = "mozilliansorg" with pytest.raises(exceptions.PublisherVerificationFailure): update_profile.verify_all_publishers(empty_profile) assert create_profile.verify_all_publishers(empty_profile) is True assert update_profile.verify_all_publishers(create_profile) is True
def setup(self): os.environ[ "CIS_DISCOVERY_URL"] = "https://auth.allizom.org/.well-known/mozilla-iam" self.helper_configuration = helpers.Configuration() self.null_user = profile.User() u = fake_profile.FakeUser( config=fake_profile.FakeProfileConfig().default().create()) u.uuid = self.null_user.uuid u.primary_username = self.null_user.primary_username u = self.helper_configuration.ensure_appropriate_publishers_and_sign( fake_profile=u, condition="create") u.verify_all_publishers(profile.User(user_structure_json=None)) self.durable_profile = u.as_json()
def test_publishing_stream_not_found(self): from cis_publisher import operation o = operation.Publish() profile_json = fake_profile.FakeUser().as_dict() # send to kinesis o._connect() o.kinesis_client["arn"] = "foo/foo" result = o.to_stream(profile_json) assert result.get("status_code") == 500 assert result.get("sequence_number") is None
def test_super_weird_parititon_key(self): from cis_publisher import operation o = operation.Publish() os.environ["CIS_CONFIG_INI"] = "tests/mozilla-cis-bad.ini" # open the full-profile profile_json = fake_profile.FakeUser().as_dict() # send to kinesis o._connect() result = o.to_stream(profile_json) assert result.get("status_code") == 200 assert result.get("sequence_number") is not None
def test_batch_publishing(self): from cis_publisher import operation o = operation.Publish() os.environ["CIS_CONFIG_INI"] = "tests/mozilla-cis-bad.ini" profiles = [] for x in range(0, 10): profiles.append(fake_profile.FakeUser().as_dict()) # send to kinesis o._connect() results = o.to_stream_batch(profiles) for result in results: assert result["sequence_number"] is not None assert result["status_code"] is not None
def test_publishing_it_should_succeed(self): from cis_publisher import operation o = operation.Publish() # open the full-profile profile_json = fake_profile.FakeUser().as_dict() # modify an attribute profile_json["last_name"]["value"] = "AFakeLastName" # send to kinesis result = o.to_stream(profile_json) assert result.get("status_code") == 200 assert result.get("sequence_number") is not None
def test_publishing_it_should_fail(self): from cis_publisher import operation o = operation.Publish() # open the full-profile profile_json = fake_profile.FakeUser().as_dict() # modify an attribute profile_json["last_name"]["value"] = ["ImBadDataandICannotlie"] # send to kinesis result = o.to_stream(profile_json) assert result.get("status_code") == 400 assert result.get("sequence_number") is None
def test_graphql_gdict_as_argument(self): fake_user = fake_profile.FakeUser(seed=1337) class Query(graphene.ObjectType): profile = graphene.Field(cis_g.Profile, tags=cis_g.GDict()) def resolve_profile(self, info, tags): if fake_user.tags["values"] == tags: return fake_user schema = graphene.Schema(Query, auto_camelcase=False) result = schema.execute( "query getProfile($tags: GDict!) {profile(tags:$tags) {uuid{value}}}", variables={"tags": json.dumps(fake_user.tags["values"])}, ) assert result.errors is None assert result.data["profile"]["uuid"]["value"] == fake_user.uuid.value
def test_publishing_a_profile_it_should_be_accepted(): u = fake_profile.FakeUser() json_payload = u.as_json() wk = WellKnown() jsonschema.validate(json.loads(json_payload), wk.get_schema()) access_token = exchange_for_access_token() conn = http.client.HTTPSConnection(base_url) logger.info('Attempting connection for: {}'.format(base_url)) headers = { "authorization": "Bearer {}".format(access_token), "Content-type": "application/json" } conn.request("POST", "/v2/user", json_payload, headers=headers) res = conn.getresponse() data = res.read() print(data) assert 0 assert data is not None
def test_graphql_query(self): fake_user = fake_profile.FakeUser(seed=1337) class Query(graphene.ObjectType): profile = graphene.Field(cis_g.Profile, user_id=graphene.String(required=True)) def resolve_profile(self, info, user_id): if fake_user.user_id.value == user_id: return fake_user schema = graphene.Schema(Query, auto_camelcase=False) result = schema.execute( "query getProfile($user_id: String!) {profile(user_id:$user_id) {uuid{value}}}", variables={"user_id": fake_user.user_id.value}, ) assert result.errors is None assert result.data["profile"]["uuid"]["value"] == fake_user.uuid.value
def test_new_user_scenario(self, verify_sigs, verify_pubs): verify_sigs.return_value = False verify_pubs.return_value = True os.environ["CIS_PROCESSOR_VERIFY_SIGNATURES"] = "True" new_user_profile = fake_profile.FakeUser().as_dict() new_user_profile["user_id"]["value"] = "harrypotter" kinesis_event = kinesis_event_generate(new_user_profile) from cis_processor import operation for kinesis_record in kinesis_event["Records"]: base_operation = operation.BaseProcessor( event_record=kinesis_record, dynamodb_client=self.dynamodb_client, dynamodb_table=self.table ) base_operation._load_profiles() needs_integration = base_operation.needs_integration( base_operation.profiles["new_profile"], base_operation.profiles["old_profile"] ) assert needs_integration is True assert ( base_operation.profiles["new_profile"].verify_all_publishers(base_operation.profiles["old_profile"]) is True ) assert base_operation.process() is False
def test_same_fake_user(self): a = fake_profile.FakeUser(seed=1337) b = fake_profile.FakeUser(seed=1337) c = fake_profile.FakeUser(seed=23) assert a.uuid.value == b.uuid.value assert a.uuid.value != c.uuid.value