def setUp(self):
super(TestAuthMiddleware, self).setUp()
cache.clear()
self.raw_request = HttpRequest()
self.raw_request.COOKIES = {}
self.raw_request.session = object()
self.raw_response = HttpResponse()
self.mi = AuthMiddleware()
def setUp(self):
super(TestAuthMiddleware, self).setUp()
cache.clear()
self.raw_request = HttpRequest()
self.raw_request.COOKIES = {}
self.raw_request.session = object()
self.raw_response = HttpResponse()
self.mi = AuthMiddleware()
class TestAuthMiddleware(DBUserTestCase):
def setUp(self):
super(TestAuthMiddleware, self).setUp()
cache.clear()
self.raw_request = HttpRequest()
self.raw_request.COOKIES = {}
self.raw_request.session = object()
self.raw_response = HttpResponse()
self.mi = AuthMiddleware()
def test_get_user_no_cookie_user_is_anonymous(self):
assert_equals(AnonymousUser, type(get_user(self.raw_request)))
@patch('entree.client.managers.EntreeUserFetcherMixin.fetch')
def test_get_user_invalid_cookie_deleted(self, mocked_fetch):
mocked_fetch.side_effect = InvalidAuth('foo')
r = self.raw_request
r.COOKIES[ECOOKIE['NAME']] = 'foo'
assert_equals(InvalidUser, type(get_user(r)))
assert_equals({}, r.COOKIES)
def test_process_request_inject_entree_user_property(self):
self.mi.process_request(self.raw_request)
assert_equals(AnonymousUser, self.raw_request.entree_user.__class__)
def test_process_response_no_cookie_set_cookie(self):
self.raw_request.entree_user = AnonymousUser()
assert ECOOKIE['NAME'] not in self.raw_response.cookies.keys()
self.mi.process_response(self.raw_request, self.raw_response)
assert ECOOKIE['NAME'] in self.raw_response.cookies.keys()
def test_process_response_anon_cookie_dont_set_cookie(self):
self.raw_request.entree_user = AnonymousUser()
self.raw_request.COOKIES[ECOOKIE['NAME']] = ECOOKIE['ANONYMOUS_VALUE']
self.mi.process_response(self.raw_request, self.raw_response)
assert_equals([], self.raw_response.cookies.keys())
def test_process_response_invalid_cookie_dont_set_cookie(self):
self.raw_request.entree_user = InvalidUser()
self.raw_request.COOKIES[ECOOKIE['NAME']] = ECOOKIE['INVALID']
self.mi.process_response(self.raw_request, self.raw_response)
assert_equals([], self.raw_response.cookies.keys())
def test_process_response_valid_cookie_checksum_calculation(self):
self.raw_request.entree_user = AnonymousUser()
cookie_val = 'no checksum value'
self.raw_request.COOKIES[ECOOKIE['NAME']] = cookie_val
self.mi.process_response(self.raw_request, self.raw_response)
expected_cookie = COOKIE_CHECKSUM_SEPARATOR.join(
[cookie_val, calc_checksum(cookie_val, length=10)])
set_cookie = self.raw_response.cookies[ECOOKIE['NAME']]
assert expected_cookie in str(set_cookie)
def test_process_response_valid_cookie_valid_checksum_dont_set_cookie(
self):
#self.raw_request.entree_user = AnonymousUser()
cookie_val = 'w/ checksum value'
expected_cookie = COOKIE_CHECKSUM_SEPARATOR.join(
[cookie_val, calc_checksum(cookie_val, length=10)])
self.raw_request.COOKIES[ECOOKIE['NAME']] = expected_cookie
self.mi.process_response(self.raw_request, self.raw_response)
assert_equals([], self.raw_response.cookies.keys())
def test_process_response_cookie_invalid_checksum_set_cookie(self):
#self.raw_request.entree_user = AnonymousUser()
cookie_val = 'w/ checksum value'
expected_cookie = COOKIE_CHECKSUM_SEPARATOR.join(
[cookie_val, calc_checksum(cookie_val, length=10)])
self.raw_request.COOKIES[ECOOKIE['NAME']] = expected_cookie[:-1]
self.mi.process_response(self.raw_request, self.raw_response)
assert ECOOKIE['INVALID'] in str(
self.raw_response.cookies[ECOOKIE['NAME']])
class TestAuthMiddleware(DBUserTestCase):
def setUp(self):
super(TestAuthMiddleware, self).setUp()
cache.clear()
self.raw_request = HttpRequest()
self.raw_request.COOKIES = {}
self.raw_request.session = object()
self.raw_response = HttpResponse()
self.mi = AuthMiddleware()
def test_get_user_no_cookie_user_is_anonymous(self):
assert_equals(AnonymousUser, type(get_user(self.raw_request)))
@patch("entree.client.managers.EntreeUserFetcherMixin.fetch")
def test_get_user_invalid_cookie_deleted(self, mocked_fetch):
mocked_fetch.side_effect = InvalidAuth("foo")
r = self.raw_request
r.COOKIES[ECOOKIE["NAME"]] = "foo"
assert_equals(InvalidUser, type(get_user(r)))
assert_equals({}, r.COOKIES)
def test_process_request_inject_entree_user_property(self):
self.mi.process_request(self.raw_request)
assert_equals(AnonymousUser, self.raw_request.entree_user.__class__)
def test_process_response_no_cookie_set_cookie(self):
self.raw_request.entree_user = AnonymousUser()
assert ECOOKIE["NAME"] not in self.raw_response.cookies.keys()
self.mi.process_response(self.raw_request, self.raw_response)
assert ECOOKIE["NAME"] in self.raw_response.cookies.keys()
def test_process_response_anon_cookie_dont_set_cookie(self):
self.raw_request.entree_user = AnonymousUser()
self.raw_request.COOKIES[ECOOKIE["NAME"]] = ECOOKIE["ANONYMOUS_VALUE"]
self.mi.process_response(self.raw_request, self.raw_response)
assert_equals([], self.raw_response.cookies.keys())
def test_process_response_invalid_cookie_dont_set_cookie(self):
self.raw_request.entree_user = InvalidUser()
self.raw_request.COOKIES[ECOOKIE["NAME"]] = ECOOKIE["INVALID"]
self.mi.process_response(self.raw_request, self.raw_response)
assert_equals([], self.raw_response.cookies.keys())
def test_process_response_valid_cookie_checksum_calculation(self):
self.raw_request.entree_user = AnonymousUser()
cookie_val = "no checksum value"
self.raw_request.COOKIES[ECOOKIE["NAME"]] = cookie_val
self.mi.process_response(self.raw_request, self.raw_response)
expected_cookie = COOKIE_CHECKSUM_SEPARATOR.join([cookie_val, calc_checksum(cookie_val, length=10)])
set_cookie = self.raw_response.cookies[ECOOKIE["NAME"]]
assert expected_cookie in str(set_cookie)
def test_process_response_valid_cookie_valid_checksum_dont_set_cookie(self):
# self.raw_request.entree_user = AnonymousUser()
cookie_val = "w/ checksum value"
expected_cookie = COOKIE_CHECKSUM_SEPARATOR.join([cookie_val, calc_checksum(cookie_val, length=10)])
self.raw_request.COOKIES[ECOOKIE["NAME"]] = expected_cookie
self.mi.process_response(self.raw_request, self.raw_response)
assert_equals([], self.raw_response.cookies.keys())
def test_process_response_cookie_invalid_checksum_set_cookie(self):
# self.raw_request.entree_user = AnonymousUser()
cookie_val = "w/ checksum value"
expected_cookie = COOKIE_CHECKSUM_SEPARATOR.join([cookie_val, calc_checksum(cookie_val, length=10)])
self.raw_request.COOKIES[ECOOKIE["NAME"]] = expected_cookie[:-1]
self.mi.process_response(self.raw_request, self.raw_response)
assert ECOOKIE["INVALID"] in str(self.raw_response.cookies[ECOOKIE["NAME"]])
