def test_includeme(monkeypatch):
authn_obj = pretend.stub()
authn_cls = pretend.call_recorder(lambda callback: authn_obj)
authz_obj = pretend.stub()
authz_cls = pretend.call_recorder(lambda: authz_obj)
monkeypatch.setattr(accounts, "SessionAuthenticationPolicy", authn_cls)
monkeypatch.setattr(accounts, "ACLAuthorizationPolicy", authz_cls)
config = pretend.stub(
register_service_factory=pretend.call_recorder(
lambda factory, iface: None
),
add_request_method=pretend.call_recorder(lambda f, name, reify: None),
set_authentication_policy=pretend.call_recorder(lambda p: None),
set_authorization_policy=pretend.call_recorder(lambda p: None),
)
accounts.includeme(config)
config.register_service_factory.calls == [
pretend.call(database_login_factory, IUserService),
]
config.add_request_method.calls == [
pretend.call(accounts._user, name="user", reify=True),
]
config.set_authentication_policy.calls == [pretend.call(authn_obj)]
config.set_authorization_policy.calls == [pretend.call(authz_obj)]
authn_cls.calls == [pretend.call(callback=accounts._authenticate)]
authz_cls.calls == [pretend.call()]
def test_includeme(monkeypatch):
macaroon_authn_obj = pretend.stub()
macaroon_authn_cls = pretend.call_recorder(lambda callback: macaroon_authn_obj)
basic_authn_obj = pretend.stub()
basic_authn_cls = pretend.call_recorder(lambda check: basic_authn_obj)
session_authn_obj = pretend.stub()
session_authn_cls = pretend.call_recorder(lambda callback: session_authn_obj)
authn_obj = pretend.stub()
authn_cls = pretend.call_recorder(lambda *a: authn_obj)
authz_obj = pretend.stub()
authz_cls = pretend.call_recorder(lambda *a, **kw: authz_obj)
monkeypatch.setattr(accounts, "BasicAuthAuthenticationPolicy", basic_authn_cls)
monkeypatch.setattr(accounts, "SessionAuthenticationPolicy", session_authn_cls)
monkeypatch.setattr(accounts, "MacaroonAuthenticationPolicy", macaroon_authn_cls)
monkeypatch.setattr(accounts, "MultiAuthenticationPolicy", authn_cls)
monkeypatch.setattr(accounts, "ACLAuthorizationPolicy", authz_cls)
monkeypatch.setattr(accounts, "MacaroonAuthorizationPolicy", authz_cls)
config = pretend.stub(
registry=pretend.stub(settings={}),
register_service_factory=pretend.call_recorder(
lambda factory, iface, name=None: None
),
add_request_method=pretend.call_recorder(lambda f, name, reify: None),
set_authentication_policy=pretend.call_recorder(lambda p: None),
set_authorization_policy=pretend.call_recorder(lambda p: None),
maybe_dotted=pretend.call_recorder(lambda path: path),
)
accounts.includeme(config)
assert config.register_service_factory.calls == [
pretend.call(database_login_factory, IUserService),
pretend.call(
TokenServiceFactory(name="password"), ITokenService, name="password"
),
pretend.call(TokenServiceFactory(name="email"), ITokenService, name="email"),
pretend.call(
TokenServiceFactory(name="two_factor"), ITokenService, name="two_factor"
),
pretend.call(
HaveIBeenPwnedPasswordBreachedService.create_service,
IPasswordBreachedService,
),
pretend.call(RateLimit("10 per 5 minutes"), IRateLimiter, name="user.login"),
pretend.call(
RateLimit("1000 per 5 minutes"), IRateLimiter, name="global.login"
),
]
assert config.add_request_method.calls == [
pretend.call(accounts._user, name="user", reify=True)
]
assert config.set_authentication_policy.calls == [pretend.call(authn_obj)]
assert config.set_authorization_policy.calls == [pretend.call(authz_obj)]
assert basic_authn_cls.calls == [pretend.call(check=accounts._basic_auth_login)]
assert session_authn_cls.calls == [pretend.call(callback=accounts._authenticate)]
assert authn_cls.calls == [
pretend.call([session_authn_obj, basic_authn_obj, macaroon_authn_obj])
]
assert authz_cls.calls == [pretend.call(), pretend.call(policy=authz_obj)]
def test_includeme(monkeypatch):
authn_obj = pretend.stub()
authn_cls = pretend.call_recorder(lambda callback: authn_obj)
authz_obj = pretend.stub()
authz_cls = pretend.call_recorder(lambda: authz_obj)
monkeypatch.setattr(accounts, "SessionAuthenticationPolicy", authn_cls)
monkeypatch.setattr(accounts, "ACLAuthorizationPolicy", authz_cls)
config = pretend.stub(
register_service_factory=pretend.call_recorder(
lambda factory, iface: None
),
add_request_method=pretend.call_recorder(lambda f, name, reify: None),
set_authentication_policy=pretend.call_recorder(lambda p: None),
set_authorization_policy=pretend.call_recorder(lambda p: None),
)
accounts.includeme(config)
config.register_service_factory.calls == [
pretend.call(database_login_factory, IUserService),
]
config.add_request_method.calls == [
pretend.call(accounts._user, name="user", reify=True),
]
config.set_authentication_policy.calls == [pretend.call(authn_obj)]
config.set_authorization_policy.calls == [pretend.call(authz_obj)]
authn_cls.calls == [pretend.call(callback=accounts._authenticate)]
authz_cls.calls == [pretend.call()]
def test_includeme(monkeypatch):
basic_authn_obj = pretend.stub()
basic_authn_cls = pretend.call_recorder(lambda check: basic_authn_obj)
session_authn_obj = pretend.stub()
session_authn_cls = pretend.call_recorder(lambda callback: session_authn_obj)
authn_obj = pretend.stub()
authn_cls = pretend.call_recorder(lambda *a: authn_obj)
authz_obj = pretend.stub()
authz_cls = pretend.call_recorder(lambda: authz_obj)
monkeypatch.setattr(accounts, "BasicAuthAuthenticationPolicy", basic_authn_cls)
monkeypatch.setattr(accounts, "SessionAuthenticationPolicy", session_authn_cls)
monkeypatch.setattr(accounts, "MultiAuthenticationPolicy", authn_cls)
monkeypatch.setattr(accounts, "ACLAuthorizationPolicy", authz_cls)
config = pretend.stub(
registry=pretend.stub(settings={}),
register_service_factory=pretend.call_recorder(
lambda factory, iface, name=None: None
),
add_request_method=pretend.call_recorder(lambda f, name, reify: None),
set_authentication_policy=pretend.call_recorder(lambda p: None),
set_authorization_policy=pretend.call_recorder(lambda p: None),
maybe_dotted=pretend.call_recorder(lambda path: path),
)
accounts.includeme(config)
assert config.register_service_factory.calls == [
pretend.call(database_login_factory, IUserService),
pretend.call(
TokenServiceFactory(name="password"), ITokenService, name="password"
),
pretend.call(TokenServiceFactory(name="email"), ITokenService, name="email"),
pretend.call(
TokenServiceFactory(name="two_factor"), ITokenService, name="two_factor"
),
pretend.call(
HaveIBeenPwnedPasswordBreachedService.create_service,
IPasswordBreachedService,
),
pretend.call(RateLimit("10 per 5 minutes"), IRateLimiter, name="user.login"),
pretend.call(
RateLimit("1000 per 5 minutes"), IRateLimiter, name="global.login"
),
]
assert config.add_request_method.calls == [
pretend.call(accounts._user, name="user", reify=True)
]
assert config.set_authentication_policy.calls == [pretend.call(authn_obj)]
assert config.set_authorization_policy.calls == [pretend.call(authz_obj)]
assert basic_authn_cls.calls == [pretend.call(check=accounts._basic_auth_login)]
assert session_authn_cls.calls == [pretend.call(callback=accounts._authenticate)]
assert authn_cls.calls == [pretend.call([session_authn_obj, basic_authn_obj])]
assert authz_cls.calls == [pretend.call()]
def test_includeme(monkeypatch):
authz_obj = pretend.stub()
authz_cls = pretend.call_recorder(lambda *a, **kw: authz_obj)
monkeypatch.setattr(accounts, "ACLAuthorizationPolicy", authz_cls)
monkeypatch.setattr(accounts, "MacaroonAuthorizationPolicy", authz_cls)
monkeypatch.setattr(accounts, "TwoFactorAuthorizationPolicy", authz_cls)
multi_policy_obj = pretend.stub()
multi_policy_cls = pretend.call_recorder(
lambda ps, authz: multi_policy_obj)
monkeypatch.setattr(accounts, "MultiSecurityPolicy", multi_policy_cls)
session_policy_obj = pretend.stub()
session_policy_cls = pretend.call_recorder(lambda: session_policy_obj)
monkeypatch.setattr(accounts, "SessionSecurityPolicy", session_policy_cls)
basic_policy_obj = pretend.stub()
basic_policy_cls = pretend.call_recorder(lambda: basic_policy_obj)
monkeypatch.setattr(accounts, "BasicAuthSecurityPolicy", basic_policy_cls)
macaroon_policy_obj = pretend.stub()
macaroon_policy_cls = pretend.call_recorder(lambda: macaroon_policy_obj)
monkeypatch.setattr(accounts, "MacaroonSecurityPolicy",
macaroon_policy_cls)
config = pretend.stub(
registry=pretend.stub(
settings={
"warehouse.account.user_login_ratelimit_string":
"10 per 5 minutes",
"warehouse.account.ip_login_ratelimit_string":
"10 per 5 minutes",
"warehouse.account.global_login_ratelimit_string":
"1000 per 5 minutes",
"warehouse.account.email_add_ratelimit_string": "2 per day",
"warehouse.account.password_reset_ratelimit_string":
"5 per day",
}),
register_service_factory=pretend.call_recorder(
lambda factory, iface, name=None: None),
add_request_method=pretend.call_recorder(lambda f, name, reify: None),
set_security_policy=pretend.call_recorder(lambda p: None),
maybe_dotted=pretend.call_recorder(lambda path: path),
add_route_predicate=pretend.call_recorder(lambda name, cls: None),
)
accounts.includeme(config)
assert config.register_service_factory.calls == [
pretend.call(database_login_factory, IUserService),
pretend.call(TokenServiceFactory(name="password"),
ITokenService,
name="password"),
pretend.call(TokenServiceFactory(name="email"),
ITokenService,
name="email"),
pretend.call(TokenServiceFactory(name="two_factor"),
ITokenService,
name="two_factor"),
pretend.call(
HaveIBeenPwnedPasswordBreachedService.create_service,
IPasswordBreachedService,
),
pretend.call(RateLimit("10 per 5 minutes"),
IRateLimiter,
name="user.login"),
pretend.call(RateLimit("10 per 5 minutes"),
IRateLimiter,
name="ip.login"),
pretend.call(RateLimit("1000 per 5 minutes"),
IRateLimiter,
name="global.login"),
pretend.call(RateLimit("2 per day"), IRateLimiter, name="email.add"),
pretend.call(RateLimit("5 per day"),
IRateLimiter,
name="password.reset"),
]
assert config.add_request_method.calls == [
pretend.call(accounts._user, name="user", reify=True)
]
assert config.set_security_policy.calls == [pretend.call(multi_policy_obj)]
assert multi_policy_cls.calls == [
pretend.call(
[session_policy_obj, basic_policy_obj, macaroon_policy_obj],
authz_obj)
]