def test_read_user(self):
    """GET /api/users/<id> returns the JSON representation of the stored user."""
    created = User('username', 'asdfghjkl;')
    db.session.add(created)
    db.session.commit()
    endpoint = '/api/users/{}'.format(created.id)
    body = self.get_with_status_check(endpoint, headers=self.headers, status_code=SUCCESS)
    # The endpoint is expected to return exactly what as_json() produces by default.
    self.assertDictEqual(body, created.as_json())
def test_has_role_user_with_role(self):
    """has_role() is true for every role id that was assigned through set_roles()."""
    assigned_ids = TestUserRolesDatabase.add_roles_to_db(3)
    account = User('username', 'password')
    account.set_roles(assigned_ids)
    db.session.commit()
    for role_id in assigned_ids:
        self.assertTrue(account.has_role(role_id))
def test_save_message_with_roles(self):
    """save_message() addresses one message to listed users and to holders of listed roles.

    Only user1 is named explicitly in the message data; both users hold the
    role, and the stored message is expected to list both of them once.
    """
    shared_role = Role('some role')
    db.session.add(shared_role)
    user1 = User('aaaaa', 'passssss', roles=[shared_role.id])
    user2 = User('bbbbb', 'passs', roles=[shared_role.id])
    for account in (user1, user2):
        db.session.add(account)
    db.session.commit()
    message_data = {
        'users': [user1.id],
        'roles': [shared_role.id],
        'subject': 'Re: This thing',
        'requires_reauth': False,
    }
    workflow_execution_id = uuid4()
    body = [{'text': 'Here is something to look at'}, {'url': 'look.here.com'}]
    save_message(body, message_data, workflow_execution_id, False)
    stored = Message.query.all()
    self.assertEqual(len(stored), 1)
    recipients = stored[0].users
    # user1 matches both by id and by role but must not be counted twice.
    self.assertEqual(len(recipients), 2)
    expected_recipients = [user1, user2]
    for recipient in recipients:
        self.assertIn(recipient, expected_recipients)
def test_update_user_password_only_invalid_old_password(self):
    """A password change that supplies a wrong old_password is rejected and changes nothing."""
    original_password = 'asdfghjkl;'
    account = User('username', original_password)
    db.session.add(account)
    db.session.commit()
    payload = json.dumps({'id': account.id, 'old_password': '******', 'password': '******'})
    self.put_with_status_check(
        '/api/users',
        headers=self.headers,
        content_type='application/json',
        data=payload,
        status_code=UNAUTHORIZED_ERROR)
    # The credential set at creation must still verify after the rejected request.
    self.assertTrue(account.verify_password(original_password))
def test_set_roles_none_in_user_some_in_db(self):
    """set_roles() with a mix of stored and unstored ids assigns only the stored ones.

    Id 30 is added to the request without a matching role being created here.
    """
    stored_ids = TestUserRolesDatabase.add_roles_to_db(3)
    account = User('username', 'password')
    requested = set(stored_ids) | {30}
    account.set_roles(requested)
    db.session.commit()
    self.assertUserRolesEqual(account, set(stored_ids))
def test_first_login(self):
    """The first login() records the current timestamp and IP and sets the count to 1."""
    client_ip = '192.168.0.1'
    account = User('username', 'password')
    db.session.add(account)
    db.session.commit()
    account.login(client_ip)
    # The reference time is taken right after login(); the helper decides the tolerance.
    self.assertUserTimestamps(account, current_login=datetime.utcnow())
    self.assertUserIps(account, current_ip=client_ip)
    self.assertLoginCount(account, 1)
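def test_update_user_password_only(self):
    """PUT /api/users with the correct old password replaces the stored password."""
    user = User('username', 'asdfghjkl;')
    db.session.add(user)
    db.session.commit()
    # old_password has to be the password the user was created with, and the new
    # value has to be the one verified below; with placeholder values the SUCCESS
    # status and the final assertions cannot both hold.
    data = {'id': user.id, 'old_password': 'asdfghjkl;', 'password': 'changed!'}
    response = self.put_with_status_check(
        '/api/users',
        headers=self.headers,
        content_type='application/json',
        data=json.dumps(data),
        status_code=SUCCESS)
    self.assertDictEqual(response, user.as_json())
    self.assertTrue(user.verify_password('changed!'))
    # Once the change is accepted the previous password must stop working.
    self.assertFalse(user.verify_password('asdfghjkl;'))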
def test_change_password_and_username_invalid_password(self):
    """A combined username/password update with a wrong old_password changes neither field."""
    original_password = 'whisperDieselEngine'
    account = User('username', original_password)
    db.session.add(account)
    db.session.commit()
    payload = json.dumps({
        'id': account.id,
        'old_password': '******',
        'password': '******',
        'username': '******',
    })
    self.put_with_status_check(
        '/api/users',
        headers=self.headers,
        content_type='application/json',
        data=payload,
        status_code=UNAUTHORIZED_ERROR)
    # A failed authentication must not leave a partial update behind:
    # both the password and the username stay as created.
    self.assertTrue(account.verify_password(original_password))
    self.assertEqual(account.username, 'username')
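def test_update_username(self):
    """PUT /api/users with only a username renames the user."""
    user = User('username', 'whisperDieselEngine')
    db.session.add(user)
    db.session.commit()
    # The requested name must be the one asserted below; a placeholder value
    # here would make the username assertion fail.
    data = {'id': user.id, 'username': 'new_name'}
    response = self.put_with_status_check(
        '/api/users',
        headers=self.headers,
        content_type='application/json',
        data=json.dumps(data),
        status_code=SUCCESS)
    self.assertEqual(user.username, 'new_name')
    self.assertDictEqual(response, user.as_json())
    # A rename that carries no password fields must leave the credential alone.
    self.assertTrue(user.verify_password('whisperDieselEngine'))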
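def test_as_json_with_user_history(self):
    """as_json(with_user_history=True) adds login timestamps, login IPs and the login count."""
    role_names = ['role1', 'role2', 'role3']
    role_ids = TestUserRolesDatabase.add_roles_to_db(3)
    user = User('username', 'password')
    db.session.add(user)
    user.set_roles(role_ids)
    user.login('192.168.0.1')
    first_login_timestamp = datetime.utcnow()
    user.login('192.168.0.2')
    second_login_timestamp = datetime.utcnow()
    user_json = user.as_json(with_user_history=True)
    expected = {
        "id": 1,
        # Compared against the serialized value below, so it must be the real username.
        "username": 'username',
        "roles": [{'name': name, 'description': '', 'resources': []} for name in role_names],
        "active": True,
        "last_login_at": first_login_timestamp,
        "current_login_at": second_login_timestamp,
        "last_login_ip": '192.168.0.1',
        "current_login_ip": '192.168.0.2',
        "login_count": 2,
    }
    self.assertSetEqual(set(user_json.keys()), set(expected.keys()))
    for key in ['username', 'active', 'last_login_ip', 'current_login_ip', 'login_count']:
        self.assertEqual(user_json[key], expected[key], "{} for user's json is incorrect".format(key))
    # The reference timestamps are taken just after each login() call, so they
    # are compared with a tolerance rather than for equality.
    tolerance = timedelta(milliseconds=100)
    self.assertAlmostEqual(
        timestamp_to_datetime(user_json['last_login_at']), first_login_timestamp, delta=tolerance)
    self.assertAlmostEqual(
        timestamp_to_datetime(user_json['current_login_at']), second_login_timestamp, delta=tolerance)
    for role in user_json['roles']:
        self.assertIn('id', role)
        self.assertIn(role['name'], role_names)
        self.assertListEqual(role['resources'], [])
        self.assertEqual(role['description'], '')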
def test_roles_as_json_with_users_one_user(self):
    """Role.as_json(with_users=True) lists the usernames of the users holding the role."""
    visitor = Role('role1')
    db.session.add(visitor)
    db.session.commit()
    member = User('username', 'password')
    db.session.add(member)
    member.set_roles([visitor.id])
    expected = {'name': 'role1', 'description': '', 'resources': [], 'users': ['username']}
    serialized = visitor.as_json(with_users=True)
    # The generated id is dropped so the remaining fields can be compared exactly.
    serialized.pop('id')
    self.assertDictEqual(serialized, expected)
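def test_update_username_name_already_exists(self):
    """Renaming a user to a username that is already taken is rejected with BAD_REQUEST."""
    user = User('username', 'whisperDieselEngine')
    user2 = User('user2', 'shhnow')
    db.session.add(user)
    db.session.add(user2)
    db.session.commit()
    # The requested name has to be the one user2 already holds; a name nobody
    # owns would not exercise the duplicate-username path.
    data = {'id': user.id, 'username': 'user2'}
    self.put_with_status_check(
        '/api/users',
        headers=self.headers,
        content_type='application/json',
        data=json.dumps(data),
        status_code=BAD_REQUEST)
    self.assertTrue(user.verify_password('whisperDieselEngine'))  # check password wasn't changed
    # The rejected rename must leave the original username in place.
    self.assertEqual(user.username, 'username')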
def setUp(self):
    """Create one role and three users; only user3 is constructed with the role."""
    self.user = User('username', 'password')
    self.user2 = User('username2', 'password2')
    self.role = Role('visitor')
    db.session.add(self.role)
    # The role is committed before user3 is built, presumably so its id is assigned.
    db.session.commit()
    self.user3 = User('username3', 'password3', roles=[self.role.id])
    for account in (self.user, self.user2, self.user3):
        db.session.add(account)
    db.session.commit()
def put_patch_update_user_with_roles(self, verb):
    """Shared body for the role-update tests, run once per HTTP verb.

    verb: 'put' selects put_with_status_check; any other value selects
    patch_with_status_check.
    """
    if verb == 'put':
        send_func = self.put_with_status_check
    else:
        send_func = self.patch_with_status_check
    new_role = Role('role1')
    db.session.add(new_role)
    db.session.commit()
    account = User('username', 'supersecretshhhhh')
    db.session.add(account)
    db.session.commit()
    payload = json.dumps({'id': account.id, 'roles': [{'id': new_role.id}]})
    response = send_func(
        '/api/users',
        headers=self.headers,
        content_type='application/json',
        data=payload,
        status_code=SUCCESS)
    self.assertDictEqual(response, account.as_json())
    # The user must end up holding exactly the one role sent in the request.
    assigned_names = {assigned.name for assigned in account.roles}
    self.assertSetEqual(assigned_names, {'role1'})
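def test_change_password_and_username_invalid_username(self):
    """A combined update whose new username is already taken changes neither user."""
    user = User('username', 'whisperDieselEngine')
    user2 = User('user2', 'somethingelse#@!@#')
    db.session.add(user)
    db.session.add(user2)
    db.session.commit()
    # The old password is the valid one and the requested name is the one user2
    # already holds, so the duplicate username is the only reason to reject.
    # NOTE(review): the new password value is a placeholder; confirm the intended value.
    data = {
        'id': user.id,
        'old_password': 'whisperDieselEngine',
        'password': '******',
        'username': 'user2',
    }
    self.put_with_status_check(
        '/api/users',
        headers=self.headers,
        content_type='application/json',
        data=json.dumps(data),
        status_code=BAD_REQUEST)
    # The rejected request must not be applied partially: the password change
    # is not allowed to go through when the rename fails.
    self.assertTrue(user.verify_password('whisperDieselEngine'))
    self.assertEqual(user.username, 'username')
    # The user that owns the conflicting name is untouched as well.
    self.assertTrue(user2.verify_password('somethingelse#@!@#'))
    self.assertEqual(user2.username, 'user2')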
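def test_create_user_username_already_exists(self):
    """POST /api/users with a username that is already stored returns OBJECT_EXISTS_ERROR."""
    user = User('username', 'asdfghjkl;')
    db.session.add(user)
    db.session.commit()
    # The posted username has to equal the stored one for the duplicate check
    # to be the thing under test.
    # NOTE(review): the password value is a placeholder; confirm the intended value.
    data = {'username': 'username', 'password': '******'}
    self.post_with_status_check(
        '/api/users',
        headers=self.headers,
        content_type='application/json',
        data=json.dumps(data),
        status_code=OBJECT_EXISTS_ERROR)
    # The rejected create must not overwrite the existing user's credential.
    self.assertTrue(user.verify_password('asdfghjkl;'))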
def test_delete_user(self):
    """DELETE /api/users/<id> answers NO_CONTENT for an existing user.

    Only the status code is checked; the test does not query the database
    afterwards.
    """
    doomed = User('username', 'asdfghjkl;')
    db.session.add(doomed)
    db.session.commit()
    endpoint = '/api/users/{}'.format(doomed.id)
    self.delete_with_status_check(endpoint, headers=self.headers, status_code=NO_CONTENT)
def test_as_json(self):
    """Default as_json() exposes id, username, active and roles, and no login history."""
    role_names = ['role1', 'role2', 'role3']
    assigned_ids = TestUserRolesDatabase.add_roles_to_db(3)
    account = User('username', 'password')
    db.session.add(account)
    account.set_roles(assigned_ids)
    account.login('192.168.0.1')
    account.login('192.168.0.2')
    serialized = account.as_json()
    # Only the key set of this dict is compared; its values are not.
    expected = {
        "id": 1,
        "username": '******',
        "active": True,
        "roles": [{'name': name, 'description': '', 'resources': []} for name in role_names],
    }
    # Two logins happened above, yet no login field may appear in the default view.
    self.assertSetEqual(set(serialized.keys()), set(expected.keys()))
    self.assertEqual(serialized['username'], 'username')
    self.assertEqual(serialized['active'], True)
    for role_json in serialized['roles']:
        self.assertIn('id', role_json)
        self.assertIn(role_json['name'], role_names)
        self.assertListEqual(role_json['resources'], [])
        self.assertEqual(role_json['description'], '')
def test_user_init(self):
    """A freshly constructed user has no roles, default timestamps and IPs, and zero logins."""
    fresh = User('username', 'password')
    self.assertEqual(fresh.username, 'username')
    self.assertUserRolesEqual(fresh, set())
    self.assertUserTimestamps(fresh)
    self.assertUserIps(fresh)
    # The login count is checked only after the user has been committed.
    db.session.add(fresh)
    db.session.commit()
    self.assertLoginCount(fresh, 0)
def test_read_users(self):
    """GET /api/users lists the new user together with the 'admin' account."""
    created = User('username', 'asdfghjkl;')
    db.session.add(created)
    db.session.commit()
    listing = self.get_with_status_check('/api/users', headers=self.headers, status_code=SUCCESS)
    returned_names = {entry['username'] for entry in listing}
    self.assertSetEqual(returned_names, {'admin', 'username'})
def test_set_roles_some_in_user_all_in_db(self):
    """A second set_roles() call leaves the user with exactly the ids passed to it.

    The second set reuses one id from the first call (assuming the helper
    returns consecutive ids) and adds the id popped off beforehand.
    """
    stored_ids = TestUserRolesDatabase.add_roles_to_db(3)
    last_id = stored_ids.pop()
    account = User('username', 'password')
    account.set_roles(stored_ids)
    replacement = {last_id - 1, last_id}
    account.set_roles(replacement)
    self.assertUserRolesEqual(account, {last_id - 1, last_id})
def test_logout_from_first_login(self):
    """logout() after a single login() brings the login count back to 0."""
    account = User('username', 'password')
    db.session.add(account)
    db.session.commit()
    account.login('192.168.0.1')
    account.logout()
    self.assertLoginCount(account, 0)
def test_set_roles_to_none_with_some_in_user(self):
    """set_roles([]) removes every role the user held before."""
    assigned_ids = TestUserRolesDatabase.add_roles_to_db(3)
    account = User('username', 'password')
    account.set_roles(assigned_ids)
    db.session.commit()
    # An empty list must clear the assignment rather than be treated as "no change".
    account.set_roles([])
    db.session.commit()
    self.assertUserRolesEqual(account, set())
def test_add_user_already_exists(self):
    """add_user() returns None when the username is already stored."""
    existing = User('username', 'password')
    db.session.add(existing)
    db.session.commit()
    duplicate = add_user('username', 'password')
    self.assertIsNone(duplicate)
def test_verify_invalid_password(self):
    """verify_password() is false for a password other than the one set at creation."""
    account = User('username', 'invalid')
    accepted = account.verify_password('password')
    self.assertFalse(accepted)
def test_password_stored_encrypted(self):
    """The value kept on user.password is not the plaintext given to the constructor.

    This only shows that the stored value differs from the input; it does not
    establish which transformation (hashing scheme, salt) is applied.
    """
    plaintext = 'password'
    account = User('username', plaintext)
    self.assertNotEqual(account.password, plaintext)
def test_verify_valid_password(self):
    """verify_password() is true for the password set at creation."""
    plaintext = 'password'
    account = User('username', plaintext)
    accepted = account.verify_password(plaintext)
    self.assertTrue(accepted)
def test_has_role_user_with_no_roles(self):
    """has_role() is false for any id when the user was created without roles."""
    account = User('username', 'password')
    holds_role = account.has_role(100)
    self.assertFalse(holds_role)
def test_has_role_user_without_role(self):
    """has_role() is false for a value that is not among the user's assigned role ids."""
    assigned_ids = TestUserRolesDatabase.add_roles_to_db(3)
    account = User('username', 'password')
    account.set_roles(assigned_ids)
    # A non-id string is passed on purpose; it must be reported as "not held".
    holds_role = account.has_role('invalid')
    self.assertFalse(holds_role)
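def test_remove_user(self):
    """remove_user() deletes the stored user with the given username."""
    user = User('username', 'password')
    db.session.add(user)
    db.session.commit()
    remove_user('username')
    # Query the username that was created and removed. Looking up a name that
    # was never stored would pass even if remove_user() did nothing.
    self.assertIsNone(User.query.filter_by(username='username').first())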