def setUp(self): super(TestAuthMiddleware, self).setUp() cache.clear() self.raw_request = HttpRequest() self.raw_request.COOKIES = {} self.raw_request.session = object() self.raw_response = HttpResponse() self.mi = AuthMiddleware()
class TestAuthMiddleware(DBUserTestCase): def setUp(self): super(TestAuthMiddleware, self).setUp() cache.clear() self.raw_request = HttpRequest() self.raw_request.COOKIES = {} self.raw_request.session = object() self.raw_response = HttpResponse() self.mi = AuthMiddleware() def test_get_user_no_cookie_user_is_anonymous(self): assert_equals(AnonymousUser, type(get_user(self.raw_request))) @patch('entree.client.managers.EntreeUserFetcherMixin.fetch') def test_get_user_invalid_cookie_deleted(self, mocked_fetch): mocked_fetch.side_effect = InvalidAuth('foo') r = self.raw_request r.COOKIES[ECOOKIE['NAME']] = 'foo' assert_equals(InvalidUser, type(get_user(r))) assert_equals({}, r.COOKIES) def test_process_request_inject_entree_user_property(self): self.mi.process_request(self.raw_request) assert_equals(AnonymousUser, self.raw_request.entree_user.__class__) def test_process_response_no_cookie_set_cookie(self): self.raw_request.entree_user = AnonymousUser() assert ECOOKIE['NAME'] not in self.raw_response.cookies.keys() self.mi.process_response(self.raw_request, self.raw_response) assert ECOOKIE['NAME'] in self.raw_response.cookies.keys() def test_process_response_anon_cookie_dont_set_cookie(self): self.raw_request.entree_user = AnonymousUser() self.raw_request.COOKIES[ECOOKIE['NAME']] = ECOOKIE['ANONYMOUS_VALUE'] self.mi.process_response(self.raw_request, self.raw_response) assert_equals([], self.raw_response.cookies.keys()) def test_process_response_invalid_cookie_dont_set_cookie(self): self.raw_request.entree_user = InvalidUser() self.raw_request.COOKIES[ECOOKIE['NAME']] = ECOOKIE['INVALID'] self.mi.process_response(self.raw_request, self.raw_response) assert_equals([], self.raw_response.cookies.keys()) def test_process_response_valid_cookie_checksum_calculation(self): self.raw_request.entree_user = AnonymousUser() cookie_val = 'no checksum value' self.raw_request.COOKIES[ECOOKIE['NAME']] = cookie_val self.mi.process_response(self.raw_request, self.raw_response) expected_cookie = COOKIE_CHECKSUM_SEPARATOR.join( [cookie_val, calc_checksum(cookie_val, length=10)]) set_cookie = self.raw_response.cookies[ECOOKIE['NAME']] assert expected_cookie in str(set_cookie) def test_process_response_valid_cookie_valid_checksum_dont_set_cookie( self): #self.raw_request.entree_user = AnonymousUser() cookie_val = 'w/ checksum value' expected_cookie = COOKIE_CHECKSUM_SEPARATOR.join( [cookie_val, calc_checksum(cookie_val, length=10)]) self.raw_request.COOKIES[ECOOKIE['NAME']] = expected_cookie self.mi.process_response(self.raw_request, self.raw_response) assert_equals([], self.raw_response.cookies.keys()) def test_process_response_cookie_invalid_checksum_set_cookie(self): #self.raw_request.entree_user = AnonymousUser() cookie_val = 'w/ checksum value' expected_cookie = COOKIE_CHECKSUM_SEPARATOR.join( [cookie_val, calc_checksum(cookie_val, length=10)]) self.raw_request.COOKIES[ECOOKIE['NAME']] = expected_cookie[:-1] self.mi.process_response(self.raw_request, self.raw_response) assert ECOOKIE['INVALID'] in str( self.raw_response.cookies[ECOOKIE['NAME']])
class TestAuthMiddleware(DBUserTestCase): def setUp(self): super(TestAuthMiddleware, self).setUp() cache.clear() self.raw_request = HttpRequest() self.raw_request.COOKIES = {} self.raw_request.session = object() self.raw_response = HttpResponse() self.mi = AuthMiddleware() def test_get_user_no_cookie_user_is_anonymous(self): assert_equals(AnonymousUser, type(get_user(self.raw_request))) @patch("entree.client.managers.EntreeUserFetcherMixin.fetch") def test_get_user_invalid_cookie_deleted(self, mocked_fetch): mocked_fetch.side_effect = InvalidAuth("foo") r = self.raw_request r.COOKIES[ECOOKIE["NAME"]] = "foo" assert_equals(InvalidUser, type(get_user(r))) assert_equals({}, r.COOKIES) def test_process_request_inject_entree_user_property(self): self.mi.process_request(self.raw_request) assert_equals(AnonymousUser, self.raw_request.entree_user.__class__) def test_process_response_no_cookie_set_cookie(self): self.raw_request.entree_user = AnonymousUser() assert ECOOKIE["NAME"] not in self.raw_response.cookies.keys() self.mi.process_response(self.raw_request, self.raw_response) assert ECOOKIE["NAME"] in self.raw_response.cookies.keys() def test_process_response_anon_cookie_dont_set_cookie(self): self.raw_request.entree_user = AnonymousUser() self.raw_request.COOKIES[ECOOKIE["NAME"]] = ECOOKIE["ANONYMOUS_VALUE"] self.mi.process_response(self.raw_request, self.raw_response) assert_equals([], self.raw_response.cookies.keys()) def test_process_response_invalid_cookie_dont_set_cookie(self): self.raw_request.entree_user = InvalidUser() self.raw_request.COOKIES[ECOOKIE["NAME"]] = ECOOKIE["INVALID"] self.mi.process_response(self.raw_request, self.raw_response) assert_equals([], self.raw_response.cookies.keys()) def test_process_response_valid_cookie_checksum_calculation(self): self.raw_request.entree_user = AnonymousUser() cookie_val = "no checksum value" self.raw_request.COOKIES[ECOOKIE["NAME"]] = cookie_val self.mi.process_response(self.raw_request, self.raw_response) expected_cookie = COOKIE_CHECKSUM_SEPARATOR.join([cookie_val, calc_checksum(cookie_val, length=10)]) set_cookie = self.raw_response.cookies[ECOOKIE["NAME"]] assert expected_cookie in str(set_cookie) def test_process_response_valid_cookie_valid_checksum_dont_set_cookie(self): # self.raw_request.entree_user = AnonymousUser() cookie_val = "w/ checksum value" expected_cookie = COOKIE_CHECKSUM_SEPARATOR.join([cookie_val, calc_checksum(cookie_val, length=10)]) self.raw_request.COOKIES[ECOOKIE["NAME"]] = expected_cookie self.mi.process_response(self.raw_request, self.raw_response) assert_equals([], self.raw_response.cookies.keys()) def test_process_response_cookie_invalid_checksum_set_cookie(self): # self.raw_request.entree_user = AnonymousUser() cookie_val = "w/ checksum value" expected_cookie = COOKIE_CHECKSUM_SEPARATOR.join([cookie_val, calc_checksum(cookie_val, length=10)]) self.raw_request.COOKIES[ECOOKIE["NAME"]] = expected_cookie[:-1] self.mi.process_response(self.raw_request, self.raw_response) assert ECOOKIE["INVALID"] in str(self.raw_response.cookies[ECOOKIE["NAME"]])