def setUp(self): self.services_factory = mock() self.portal = mock() self.provider = mock() self.resource = LoginResource(self.services_factory, self.portal) self.web = DummySite(self.resource) self.request = DummyRequest(['']) username = '******' self.request.addArg('username', username) password = '******' self.username = username self.password = password self.request.addArg('password', password) self.request.method = 'POST' leap_session = mock(LeapSession) user_auth = mock() user_auth.uuid = 'some_user_uuid' leap_session.user_auth = user_auth config = mock() config.leap_home = 'some_folder' leap_session.config = config leap_session.fresh_account = False self.leap_session = leap_session self.user_auth = user_auth
def set_up_protected_resources(root_resource, provider, services_factory, checker=None): if not checker: checker = LeapPasswordChecker(provider) session_checker = SessionChecker() anonymous_resource = LoginResource(services_factory) realm = PixelatedRealm(root_resource, anonymous_resource) _portal = portal.Portal(realm, [checker, session_checker, AllowAnonymousAccess()]) protected_resource = PixelatedAuthSessionWrapper(_portal, root_resource, anonymous_resource, []) anonymous_resource.set_portal(_portal) root_resource.initialize(_portal) return protected_resource
def set_up_protected_resources(root_resource, provider, services_factory, checker=None, banner=None): if not checker: checker = LeapPasswordChecker(provider) session_checker = SessionChecker(services_factory) anonymous_resource = LoginResource(services_factory, disclaimer_banner=banner) realm = PixelatedRealm(root_resource, anonymous_resource) _portal = portal.Portal(realm, [checker, session_checker, AllowAnonymousAccess()]) protected_resource = PixelatedAuthSessionWrapper(_portal, root_resource, anonymous_resource, []) anonymous_resource.set_portal(_portal) root_resource.initialize(_portal, disclaimer_banner=banner) return protected_resource
def initialize(self, portal=None, disclaimer_banner=None): self._child_resources.add('sandbox', SandboxResource(self._static_folder)) self._child_resources.add('assets', File(self._static_folder)) self._child_resources.add('keys', KeysResource(self._services_factory)) self._child_resources.add(AttachmentsResource.BASE_URL, AttachmentsResource(self._services_factory)) self._child_resources.add('contacts', ContactsResource(self._services_factory)) self._child_resources.add('features', FeaturesResource(portal)) self._child_resources.add('tags', TagsResource(self._services_factory)) self._child_resources.add('mails', MailsResource(self._services_factory)) self._child_resources.add('mail', MailResource(self._services_factory)) self._child_resources.add('feedback', FeedbackResource(self._services_factory)) self._child_resources.add('user-settings', UserSettingsResource(self._services_factory)) self._child_resources.add( LoginResource.BASE_URL, LoginResource(self._services_factory, portal, disclaimer_banner=disclaimer_banner)) self._child_resources.add(LogoutResource.BASE_URL, LogoutResource(self._services_factory)) self._mode = MODE_RUNNING
def setUp(self): self.services_factory = mock() self.provider = mock() self.resource = LoginResource(self.services_factory, self.provider) self.web = DummySite(self.resource) self.request = DummyRequest(['']) username = '******' self.request.addArg('username', username) password = '******' self.username = username self.password = password self.request.addArg('password', password) self.request.method = 'POST' user_auth = mock() user_auth.uuid = 'some_user_uuid' self.user_auth = user_auth
def initialize(self, provider=None, disclaimer_banner=None, authenticator=None): self._child_resources.add('assets', File(self._protected_static_folder)) self._child_resources.add(AccountRecoveryResource.BASE_URL, AccountRecoveryResource(self._services_factory)) self._child_resources.add('backup-account', BackupAccountResource(self._services_factory, authenticator, provider)) self._child_resources.add('sandbox', SandboxResource(self._protected_static_folder)) self._child_resources.add('keys', KeysResource(self._services_factory)) self._child_resources.add(AttachmentsResource.BASE_URL, AttachmentsResource(self._services_factory)) self._child_resources.add('contacts', ContactsResource(self._services_factory)) self._child_resources.add('features', FeaturesResource(provider)) self._child_resources.add('tags', TagsResource(self._services_factory)) self._child_resources.add('mails', MailsResource(self._services_factory)) self._child_resources.add('mail', MailResource(self._services_factory)) self._child_resources.add('feedback', FeedbackResource(self._services_factory)) self._child_resources.add('user-settings', UserSettingsResource(self._services_factory)) self._child_resources.add('users', UsersResource(self._services_factory)) self._child_resources.add(LoginResource.BASE_URL, LoginResource(self._services_factory, provider, disclaimer_banner=disclaimer_banner, authenticator=authenticator)) self._child_resources.add(LogoutResource.BASE_URL, LogoutResource(self._services_factory)) self._mode = MODE_RUNNING
def set_up_protected_resources(root_resource, provider, services_factory, banner=None, authenticator=None): auth = authenticator or Authenticator(provider) session_checker = SessionChecker(services_factory) realm = PixelatedRealm() _portal = portal.Portal(realm, [session_checker, AllowAnonymousAccess()]) anonymous_resource = LoginResource(services_factory, provider, disclaimer_banner=banner, authenticator=auth) protected_resource = PixelatedAuthSessionWrapper(_portal, root_resource, anonymous_resource, []) root_resource.initialize(provider, disclaimer_banner=banner, authenticator=auth) return protected_resource
class TestLoginPOST(unittest.TestCase): def setUp(self): self.services_factory = mock() self.portal = mock() self.provider = mock() self.resource = LoginResource(self.services_factory, self.portal) self.web = DummySite(self.resource) self.request = DummyRequest(['']) username = '******' self.request.addArg('username', username) password = '******' self.username = username self.password = password self.request.addArg('password', password) self.request.method = 'POST' leap_session = mock(LeapSession) user_auth = mock() user_auth.uuid = 'some_user_uuid' leap_session.user_auth = user_auth config = mock() config.leap_home = 'some_folder' leap_session.config = config leap_session.fresh_account = False self.leap_session = leap_session self.user_auth = user_auth def mock_user_has_services_setup(self): when(self.services_factory).is_logged_in('some_user_uuid').thenReturn(True) def test_login_responds_interstitial_and_add_corresponding_session_to_services_factory(self): irrelevant = None when(self.portal).login(ANY(), None, IResource).thenReturn((irrelevant, self.leap_session, irrelevant)) when(self.services_factory).create_services_from(self.leap_session).thenAnswer(self.mock_user_has_services_setup) d = self.web.get(self.request) def assert_login_setup_service_for_user(_): verify(self.portal).login(ANY(), None, IResource) verify(self.services_factory).create_services_from(self.leap_session) interstitial_js_in_template = '<script src="startup-assets/Interstitial.js"></script>' self.assertIn(interstitial_js_in_template, self.request.written[0]) self.assertTrue(self.resource.is_logged_in(self.request)) d.addCallback(assert_login_setup_service_for_user) return d def test_login_does_not_reload_services_if_already_loaded(self): irrelevant = None when(self.portal).login(ANY(), None, IResource).thenReturn((irrelevant, self.leap_session, irrelevant)) when(self.services_factory).is_logged_in('some_user_uuid').thenReturn(True) d = self.web.get(self.request) def assert_login_setup_service_for_user(_): verify(self.portal).login(ANY(), None, IResource) verify(self.services_factory).is_logged_in('some_user_uuid') verifyNoMoreInteractions(self.services_factory) interstitial_js_in_template = '<script src="startup-assets/Interstitial.js"></script>' self.assertIn(interstitial_js_in_template, self.request.written[0]) self.assertTrue(self.resource.is_logged_in(self.request)) d.addCallback(assert_login_setup_service_for_user) return d def test_should_return_form_back_with_error_message_when_login_fails(self): when(self.portal).login(ANY(), None, IResource).thenRaise(Exception()) d = self.web.get(self.request) def assert_login_setup_service_for_user(_): verify(self.portal).login(ANY(), None, IResource) self.assertEqual(401, self.request.responseCode) written_response = ''.join(self.request.written) self.assertIn('Invalid credentials', written_response) self.assertFalse(self.resource.is_logged_in(self.request)) d.addCallback(assert_login_setup_service_for_user) return d @patch('pixelated.bitmask_libraries.session.LeapSessionFactory.create') @patch('leap.auth.SRPAuth.authenticate') @patch('pixelated.config.services.Services.setup') def test_leap_session_is_not_created_when_leap_auth_fails(self, mock_service_setup, mock_leap_srp_auth, mock_leap_session_create): mock_leap_srp_auth.side_effect = SRPAuthenticationError() d = self.web.get(self.request) def assert_login_setup_service_for_user(_): verify(self.portal).login(ANY(), None, IResource) self.assertFalse(mock_leap_session_create.called) self.assertFalse(mock_service_setup.called) self.assertEqual(401, self.request.responseCode) self.assertFalse(self.resource.is_logged_in(self.request)) d.addCallback(assert_login_setup_service_for_user) return d @patch('twisted.web.util.redirectTo') @patch('pixelated.resources.session.PixelatedSession.is_logged_in') def test_should_not_process_login_if_already_logged_in(self, mock_logged_in, mock_redirect): mock_logged_in.return_value = True when(self.services_factory).is_logged_in(ANY()).thenReturn(True) mock_redirect.return_value = "mocked redirection" when(self.portal).login(ANY(), None, IResource).thenRaise(Exception()) d = self.web.get(self.request) def assert_login_setup_service_for_user(_): verifyZeroInteractions(self.portal) mock_redirect.assert_called_once_with('/', self.request) d.addCallback(assert_login_setup_service_for_user) return d
def setUp(self): self.services_factory = mock() self.portal = mock() self.resource = LoginResource(self.services_factory, self.portal) self.web = DummySite(self.resource)
class TestLoginPOST(unittest.TestCase): def setUp(self): self.services_factory = mock() self.portal = mock() self.provider = mock() self.resource = LoginResource(self.services_factory, self.portal) self.web = DummySite(self.resource) self.request = DummyRequest(['']) username = '******' self.request.addArg('username', username) password = '******' self.username = username self.password = password self.request.addArg('password', password) self.request.method = 'POST' leap_session = mock(LeapSession) user_auth = mock() user_auth.uuid = 'some_user_uuid' leap_session.user_auth = user_auth config = mock() config.leap_home = 'some_folder' leap_session.config = config leap_session.fresh_account = False self.leap_session = leap_session self.user_auth = user_auth def mock_user_has_services_setup(self): when(self.services_factory).is_logged_in('some_user_uuid').thenReturn( True) def test_login_responds_interstitial_and_add_corresponding_session_to_services_factory( self): irrelevant = None when(self.portal).login(ANY(), None, IResource).thenReturn( (irrelevant, self.leap_session, irrelevant)) when(self.services_factory).create_services_from( self.leap_session).thenAnswer(self.mock_user_has_services_setup) d = self.web.get(self.request) def assert_login_setup_service_for_user(_): verify(self.portal).login(ANY(), None, IResource) verify(self.services_factory).create_services_from( self.leap_session) interstitial_js_in_template = '<script src="startup-assets/Interstitial.js"></script>' self.assertIn(interstitial_js_in_template, self.request.written[0]) self.assertTrue(self.resource.is_logged_in(self.request)) d.addCallback(assert_login_setup_service_for_user) return d def test_login_does_not_reload_services_if_already_loaded(self): irrelevant = None when(self.portal).login(ANY(), None, IResource).thenReturn( (irrelevant, self.leap_session, irrelevant)) when(self.services_factory).is_logged_in('some_user_uuid').thenReturn( True) d = self.web.get(self.request) def assert_login_setup_service_for_user(_): verify(self.portal).login(ANY(), None, IResource) verify(self.services_factory).is_logged_in('some_user_uuid') verifyNoMoreInteractions(self.services_factory) interstitial_js_in_template = '<script src="startup-assets/Interstitial.js"></script>' self.assertIn(interstitial_js_in_template, self.request.written[0]) self.assertTrue(self.resource.is_logged_in(self.request)) d.addCallback(assert_login_setup_service_for_user) return d def test_should_return_form_back_with_error_message_when_login_fails(self): when(self.portal).login(ANY(), None, IResource).thenRaise(Exception()) d = self.web.get(self.request) def assert_login_setup_service_for_user(_): verify(self.portal).login(ANY(), None, IResource) self.assertEqual(401, self.request.responseCode) written_response = ''.join(self.request.written) self.assertIn('Invalid credentials', written_response) self.assertFalse(self.resource.is_logged_in(self.request)) d.addCallback(assert_login_setup_service_for_user) return d @patch('pixelated.bitmask_libraries.session.LeapSessionFactory.create') @patch('leap.auth.SRPAuth.authenticate') @patch('pixelated.config.services.Services.setup') def test_leap_session_is_not_created_when_leap_auth_fails( self, mock_service_setup, mock_leap_srp_auth, mock_leap_session_create): mock_leap_srp_auth.side_effect = SRPAuthenticationError() d = self.web.get(self.request) def assert_login_setup_service_for_user(_): verify(self.portal).login(ANY(), None, IResource) self.assertFalse(mock_leap_session_create.called) self.assertFalse(mock_service_setup.called) self.assertEqual(401, self.request.responseCode) self.assertFalse(self.resource.is_logged_in(self.request)) d.addCallback(assert_login_setup_service_for_user) return d @patch('twisted.web.util.redirectTo') @patch('pixelated.resources.session.PixelatedSession.is_logged_in') def test_should_not_process_login_if_already_logged_in( self, mock_logged_in, mock_redirect): mock_logged_in.return_value = True when(self.services_factory).is_logged_in(ANY()).thenReturn(True) mock_redirect.return_value = "mocked redirection" when(self.portal).login(ANY(), None, IResource).thenRaise(Exception()) d = self.web.get(self.request) def assert_login_setup_service_for_user(_): verifyZeroInteractions(self.portal) mock_redirect.assert_called_once_with('/', self.request) d.addCallback(assert_login_setup_service_for_user) return d
class TestLoginPOST(unittest.TestCase): def setUp(self): self.services_factory = mock() self.provider = mock() self.resource = LoginResource(self.services_factory, self.provider) self.web = DummySite(self.resource) self.request = DummyRequest(['']) username = '******' self.request.addArg('username', username) password = '******' self.username = username self.password = password self.request.addArg('password', password) self.request.method = 'POST' user_auth = mock() user_auth.uuid = 'some_user_uuid' self.user_auth = user_auth @patch('pixelated.authentication.Authenticator.authenticate') @patch('twisted.web.util.redirectTo') @patch('pixelated.resources.session.PixelatedSession.is_logged_in') def test_should_redirect_to_home_if_user_if_already_logged_in(self, mock_logged_in, mock_redirect, mock_authenticate): mock_logged_in.return_value = True when(self.services_factory).has_session(ANY()).thenReturn(True) mock_redirect.return_value = "mocked redirection" d = self.web.get(self.request) def assert_redirected_to_home(_): mock_redirect.assert_called_once_with('/', self.request) self.assertFalse(mock_authenticate.called) d.addCallback(assert_redirected_to_home) return d @patch('pixelated.config.leap.BootstrapUserServices.setup') @patch('pixelated.authentication.Authenticator.authenticate') def test_should_return_form_back_with_error_message_when_login_fails(self, mock_authenticate, mock_user_bootstrap_setup): mock_authenticate.side_effect = UnauthorizedLogin() d = self.web.get(self.request) def assert_error_response_and_user_services_not_setup(_): mock_authenticate.assert_called_once_with(self.username, self.password) self.assertEqual(401, self.request.responseCode) written_response = ''.join(self.request.written) self.assertIn('Invalid username or password', written_response) self.assertFalse(mock_user_bootstrap_setup.called) self.assertFalse(self.resource.get_session(self.request).is_logged_in()) d.addCallback(assert_error_response_and_user_services_not_setup) return d @patch('pixelated.config.leap.BootstrapUserServices.setup') @patch('pixelated.authentication.Authenticator.authenticate') def test_successful_login_responds_interstitial(self, mock_authenticate, mock_user_bootstrap_setup): mock_authenticate.return_value = self.user_auth d = self.web.get(self.request) def assert_interstitial_in_response(_): mock_authenticate.assert_called_once_with(self.username, self.password) interstitial_js_in_template = '<script src="startup-assets/Interstitial.js"></script>' self.assertIn(interstitial_js_in_template, self.request.written[0]) d.addCallback(assert_interstitial_in_response) return d @patch('pixelated.config.leap.BootstrapUserServices.setup') @patch('pixelated.authentication.Authenticator.authenticate') def test_successful_login_runs_user_services_bootstrap_when_interstitial_loaded(self, mock_authenticate, mock_user_bootstrap_setup): mock_authenticate.return_value = self.user_auth d = self.web.get(self.request) def assert_login_setup_service_for_user(_): mock_user_bootstrap_setup.assert_called_once_with(self.user_auth, self.password, 'pt-BR') d.addCallback(assert_login_setup_service_for_user) return d @patch('pixelated.config.leap.BootstrapUserServices.setup') @patch('pixelated.authentication.Authenticator.authenticate') def test_successful_adds_cookies_to_indicat_logged_in_status_when_services_are_loaded(self, mock_authenticate, mock_user_bootstrap_setup): mock_authenticate.return_value = self.user_auth irrelevant = None mock_user_bootstrap_setup.return_value = defer.succeed(irrelevant) d = self.web.get(self.request) def assert_login_setup_service_for_user(_): self.assertTrue(self.resource.get_session(self.request).is_logged_in()) d.addCallback(assert_login_setup_service_for_user) return d
class TestLoginPOST(unittest.TestCase): def setUp(self): self.services_factory = mock() self.provider = mock() self.authenticator = MagicMock() self.resource = LoginResource(self.services_factory, self.provider, authenticator=self.authenticator) self.web = DummySite(self.resource) self.request = DummyRequest(['']) username = '******' self.request.addArg('username', username) password = '******' self.username = username self.password = password self.request.addArg('password', password) self.request.method = 'POST' user_auth = mock() user_auth.uuid = 'some_user_uuid' self.user_auth = user_auth @patch('twisted.web.util.redirectTo') @patch('pixelated.resources.session.PixelatedSession.is_logged_in') def test_should_redirect_to_home_if_user_if_already_logged_in(self, mock_logged_in, mock_redirect): mock_logged_in.return_value = True when(self.services_factory).has_session(ANY()).thenReturn(True) mock_redirect.return_value = "mocked redirection" d = self.web.get(self.request) def assert_redirected_to_home(_): mock_redirect.assert_called_once_with('/', self.request) self.assertFalse(self.authenticator.authenticate.called) d.addCallback(assert_redirected_to_home) return d @patch('pixelated.config.leap.BootstrapUserServices.setup') @patch('twisted.web.util.redirectTo') def test_should_redirect_to_login_with_error_flag_when_login_fails(self, mock_redirect, mock_user_bootstrap_setup): self.authenticator.authenticate.side_effect = UnauthorizedLogin() mock_redirect.return_value = "mocked redirection" d = self.web.get(self.request) def assert_redirected_to_login(_): self.authenticator.authenticate.assert_called_once_with(self.username, self.password) mock_redirect.assert_called_once_with('/login?auth-error', self.request) self.assertFalse(mock_user_bootstrap_setup.called) self.assertFalse(self.resource.get_session(self.request).is_logged_in()) d.addCallback(assert_redirected_to_login) return d @patch('pixelated.config.leap.BootstrapUserServices.setup') def test_successful_login_responds_interstitial(self, mock_user_bootstrap_setup): self.authenticator.authenticate.return_value = self.user_auth d = self.web.get(self.request) def assert_interstitial_in_response(_): self.authenticator.authenticate.assert_called_once_with(self.username, self.password) interstitial_js_in_template = '<script src="/public/interstitial.js"></script>' self.assertIn(interstitial_js_in_template, self.request.written[0]) d.addCallback(assert_interstitial_in_response) return d @patch('pixelated.config.leap.BootstrapUserServices.setup') def test_successful_login_runs_user_services_bootstrap_when_interstitial_loaded(self, mock_user_bootstrap_setup): self.authenticator.authenticate.return_value = self.user_auth d = self.web.get(self.request) def assert_login_setup_service_for_user(_): mock_user_bootstrap_setup.assert_called_once_with(self.user_auth, self.password, 'en-US') d.addCallback(assert_login_setup_service_for_user) return d @patch('pixelated.config.leap.BootstrapUserServices.setup') def test_successful_adds_cookies_to_indicate_logged_in_status_when_services_are_loaded(self, mock_user_bootstrap_setup): self.authenticator.authenticate.return_value = self.user_auth irrelevant = None mock_user_bootstrap_setup.return_value = defer.succeed(irrelevant) d = self.web.get(self.request) def assert_login_setup_service_for_user(_): self.assertTrue(self.resource.get_session(self.request).is_logged_in()) d.addCallback(assert_login_setup_service_for_user) return d @patch('pixelated.resources.session.PixelatedSession.login_started') def test_session_adds_login_started_status_after_authentication(self, mock_login_started): self.authenticator.authenticate.return_value = self.user_auth d = self.web.get(self.request) def assert_login_started_called(_): mock_login_started.assert_called_once() d.addCallback(assert_login_started_called) return d @patch('pixelated.resources.session.PixelatedSession.login_successful') @patch('pixelated.config.leap.BootstrapUserServices.setup') def test_session_adds_login_successful_status_when_services_setup_finishes(self, mock_user_bootstrap_setup, mock_login_successful): self.authenticator.authenticate.return_value = self.user_auth mock_user_bootstrap_setup.return_value = defer.succeed(None) d = self.web.get(self.request) def assert_login_successful_called(_): mock_login_successful.assert_called_once() d.addCallback(assert_login_successful_called) return d @patch('pixelated.resources.session.PixelatedSession.login_error') @patch('pixelated.config.leap.BootstrapUserServices.setup') def test_session_adds_login_error_status_when_services_setup_gets_error(self, mock_user_bootstrap_setup, mock_login_error): self.authenticator.authenticate.return_value = self.user_auth mock_user_bootstrap_setup.return_value = defer.fail(Exception('Could not setup user services')) d = self.web.get(self.request) def assert_login_error_called(_): mock_login_error.assert_called_once() d.addCallback(assert_login_error_called) return d