def test_user_is_written_to_database_after_successful_auth(self):
    """A successful signon lookup leaves exactly one OAuthUser row behind.

    The same token is then checked a second time and must still be granted.
    """
    # Turn off the development-user shortcut so the signon path is exercised.
    settings.USE_DEVELOPMENT_USERS = False
    token = 'correct-token'
    # NOTE(review): the permission is a bare string here, while other tests
    # in this file pass a set -- confirm which form check_permission expects.
    required = 'signin'
    # NOTE(review): the extent of the HTTMock block is not recoverable from
    # the collapsed source line, so every statement is kept inside it. If the
    # repeat lookup is meant to prove the stored row is used instead of a new
    # signon request, it should run outside the mock -- confirm.
    with HTTMock(govuk_signon_mock()):
        first_user, first_granted = check_permission(token, required)
        assert_that(OAuthUser.objects.count(), equal_to(1))
        second_user, second_granted = check_permission(token, required)
        assert_that(second_granted, equal_to(True))
def test_user_is_written_to_database_after_successful_auth(self):
    """One OAuthUser row exists after a good signon check; a repeat passes."""
    # Turn off the development-user shortcut so the signon path is exercised.
    settings.USE_DEVELOPMENT_USERS = False
    token = 'correct-token'
    # NOTE(review): the extent of the HTTMock block is not recoverable from
    # the collapsed source line, so every statement is kept inside it. If the
    # repeat lookup is meant to prove the stored row is used instead of a new
    # signon request, it should run outside the mock -- confirm.
    with HTTMock(govuk_signon_mock()):
        first_user, first_granted = check_permission(token, set(['signin']))
        stored_rows = OAuthUser.objects.count()
        assert_that(stored_rows, equal_to(1))
        repeat_user, repeat_granted = check_permission(
            token, set(['signin']))
        assert_that(repeat_granted, equal_to(True))
def test_user_with_permission_from_signon_returns_object_and_true(self):
    """A token signon accepts yields the user record and a granted flag."""
    # Turn off the development-user shortcut so the signon path is exercised.
    settings.USE_DEVELOPMENT_USERS = False
    required = set(['signin'])
    with HTTMock(govuk_signon_mock()):
        account, granted = check_permission('correct-token', required)
        # The mocked signon response is expected to name the user 'Foobar'.
        assert_that(account['name'], equal_to('Foobar'))
        assert_that(granted, equal_to(True))
def test_if_permission_is_none_and_no_user_then_fail(self):
    """An unrecognised token is refused even when no permission is required.

    Pins the fail-closed case: an empty required set must not turn into a
    grant when the token does not resolve to a user.
    """
    settings.USE_DEVELOPMENT_USERS = False
    nothing_required = set()
    with HTTMock(govuk_signon_mock()):
        account, granted = check_permission(
            'incorrect-token', nothing_required)
        assert_that(granted, equal_to(False))
def test_no_user_if_no_token_and_anon_user_not_allowed(self):
    """No token and a False third argument gives neither user nor access."""
    settings.USE_DEVELOPMENT_USERS = False
    # Third positional argument is False; per the test name this is the
    # "anonymous user allowed" switch -- confirm against check_permission.
    outcome = check_permission(None, set(), False)
    account, granted = outcome
    assert_that(granted, equal_to(False))
    assert_that(account, is_(None))
def test_anon_user_if_no_token(self):
    """Without a token, an 'anon' requirement yields the Anonymous user."""
    settings.USE_DEVELOPMENT_USERS = False
    required = set(['anon'])
    # Third positional argument is True; per the sibling test names this is
    # the "anonymous user allowed" switch -- confirm against check_permission.
    account, granted = check_permission(None, required, True)
    assert_that(granted, equal_to(True))
    assert_that(account.get('name'), equal_to('Anonymous'))
def test_anon_user_if_no_token(self):
    """A token-less caller asking only for 'anon' is served as Anonymous."""
    settings.USE_DEVELOPMENT_USERS = False
    # The trailing True is presumably the allow-anonymous flag -- confirm.
    outcome = check_permission(None, set(['anon']), True)
    visitor, allowed = outcome
    assert_that(allowed, equal_to(True))
    assert_that(visitor.get('name'), equal_to('Anonymous'))
def test_no_user_if_no_token_and_anon_user_not_allowed(self):
    """A token-less caller is refused, with no user, when anon is off."""
    settings.USE_DEVELOPMENT_USERS = False
    nothing_required = set()
    # The trailing False is presumably the allow-anonymous flag -- confirm.
    visitor, allowed = check_permission(None, nothing_required, False)
    assert_that(allowed, equal_to(False))
    assert_that(visitor, is_(None))
def test_user_with_permission_from_signon_returns_object_and_true(self):
    """Signon accepts the token: the user dict comes back with access."""
    # Turn off the development-user shortcut so the signon path is exercised.
    settings.USE_DEVELOPMENT_USERS = False
    token = 'correct-token'
    with HTTMock(govuk_signon_mock()):
        outcome = check_permission(token, set(['signin']))
        identity, allowed = outcome
        # The mocked signon response is expected to name the user 'Foobar'.
        assert_that(identity['name'], equal_to('Foobar'))
        assert_that(allowed, equal_to(True))
def test_user_without_permission_from_signon_returns_none_and_false(self):
    """A token signon rejects yields no user object and no access."""
    settings.USE_DEVELOPMENT_USERS = False
    token = 'bad-auth'
    with HTTMock(govuk_signon_mock()):
        identity, allowed = check_permission(token, set(['signin']))
        # Both halves of the result must be negative: no partial user data
        # may be returned alongside a refusal.
        assert_that(identity, none())
        assert_that(allowed, equal_to(False))
def test_user_without_permission_from_signon_returns_none_and_false(self):
    """Signon rejects the token: the result is (no user, not permitted)."""
    settings.USE_DEVELOPMENT_USERS = False
    required = set(['signin'])
    with HTTMock(govuk_signon_mock()):
        outcome = check_permission('bad-auth', required)
        account, granted = outcome
        # Both halves of the result must be negative: no partial user data
        # may be returned alongside a refusal.
        assert_that(account, none())
        assert_that(granted, equal_to(False))
def test_if_permission_is_anon_and_user_then_ok(self):
    """A valid signon token satisfies a requirement of only 'anon'."""
    settings.USE_DEVELOPMENT_USERS = False
    required = set(['anon'])
    with HTTMock(govuk_signon_mock()):
        account, granted = check_permission('correct-token', required)
        assert_that(granted, equal_to(True))
def test_if_permission_is_none_and_no_user_then_fail(self):
    """No required permission plus an unknown token still means refusal.

    Guards against an empty requirement set being read as "allow everyone".
    """
    settings.USE_DEVELOPMENT_USERS = False
    token = 'incorrect-token'
    with HTTMock(govuk_signon_mock()):
        outcome = check_permission(token, set())
        identity, allowed = outcome
        assert_that(allowed, equal_to(False))
def test_if_permission_is_anon_and_user_then_ok(self):
    """An authenticated user is allowed where only 'anon' is required."""
    settings.USE_DEVELOPMENT_USERS = False
    token = 'correct-token'
    with HTTMock(govuk_signon_mock()):
        outcome = check_permission(token, set(['anon']))
        identity, allowed = outcome
        assert_that(allowed, equal_to(True))
def test_signon_with_client_id(self, get_patch):
    """The signon lookup carries the client id and the caller's token.

    get_patch is the injected mock; its last call must target user.json
    with client_id in the query string and a Bearer Authorization header.
    """
    settings.USE_DEVELOPMENT_USERS = False
    required = set(['signin'])
    with HTTMock(govuk_signon_mock()):
        account, granted = check_permission('correct-token', required)
        # NOTE(review): the expected endpoint is plain http. That is fine
        # for a dev fixture, but the bearer token travels in this header, so
        # confirm deployed signon URLs use https.
        expected_headers = {
            'Authorization': 'Bearer correct-token',
        }
        get_patch.assert_called_with(
            'http://signon.dev.gov.uk/user.json?client_id=clientid',
            headers=expected_headers)
def test_signon_with_client_id(self, get_patch):
    """check_permission queries signon with client_id and a bearer header."""
    settings.USE_DEVELOPMENT_USERS = False
    token = 'correct-token'
    with HTTMock(govuk_signon_mock()):
        outcome = check_permission(token, set(['signin']))
        identity, allowed = outcome
        # NOTE(review): the expected endpoint is plain http. That is fine
        # for a dev fixture, but the bearer token travels in this header, so
        # confirm deployed signon URLs use https.
        signon_url = 'http://signon.dev.gov.uk/user.json?client_id=clientid'
        get_patch.assert_called_with(
            signon_url,
            headers={'Authorization': 'Bearer correct-token'})
def test_user_without_permission_from_database_returns_false(self):
    """A stored, unexpired user lacking the requested permission is denied."""
    settings.USE_DEVELOPMENT_USERS = False
    # Stored record holds only 'signin' and expires a day from now.
    tomorrow = datetime.now() + timedelta(days=1)
    OAuthUser.objects.create(
        access_token='correct-token',
        uid='my-uid',
        email='*****@*****.**',
        permissions=['signin'],
        expires_at=tomorrow)
    # NOTE(review): the permission is a bare string here, while other tests
    # in this file pass a set -- confirm which form check_permission expects.
    account, granted = check_permission('correct-token', 'admin')
    assert_that(granted, equal_to(False))
def test_user_without_permission_from_database_returns_false(self):
    """A valid stored token does not grant a permission it was not given."""
    settings.USE_DEVELOPMENT_USERS = False
    # Stored record holds only 'signin' and expires a day from now.
    record = {
        'access_token': 'correct-token',
        'uid': 'my-uid',
        'email': '*****@*****.**',
        'permissions': ['signin'],
        'expires_at': datetime.now() + timedelta(days=1),
    }
    OAuthUser.objects.create(**record)
    # 'admin' is not among the stored permissions, so access must be denied.
    identity, allowed = check_permission('correct-token', set(['admin']))
    assert_that(allowed, equal_to(False))
def test_user_with_returns_object_and_true_when_permissions_is_list(self):
    """A stored user holding one of several requested permissions passes.

    The record has only 'signin'; the request names 'signin' and 'bob', and
    the expected result is the stored user plus a granted flag.
    """
    settings.USE_DEVELOPMENT_USERS = False
    tomorrow = datetime.now() + timedelta(days=1)
    OAuthUser.objects.create(
        access_token='correct-token',
        uid='my-uid',
        email='*****@*****.**',
        permissions=['signin'],
        expires_at=tomorrow)
    # NOTE(review): this pins any-of matching, so a caller that needs every
    # listed permission cannot rely on one combined check -- confirm that
    # this is the intended contract.
    requested = set(['signin', 'bob'])
    account, granted = check_permission('correct-token', requested)
    assert_that(account['email'], equal_to('*****@*****.**'))
    assert_that(granted, equal_to(True))
def test_user_with_returns_object_and_true_when_permissions_is_list(self):
    """Holding any one of the requested permissions is enough for access."""
    settings.USE_DEVELOPMENT_USERS = False
    record = {
        'access_token': 'correct-token',
        'uid': 'my-uid',
        'email': '*****@*****.**',
        'permissions': ['signin'],
        'expires_at': datetime.now() + timedelta(days=1),
    }
    OAuthUser.objects.create(**record)
    # NOTE(review): the stored user has 'signin' but not 'bob' and is still
    # granted, so the check is any-of, not all-of -- confirm that callers
    # needing every permission do not depend on a single combined call.
    outcome = check_permission('correct-token', set(['signin', 'bob']))
    identity, allowed = outcome
    assert_that(identity['email'], equal_to('*****@*****.**'))
    assert_that(allowed, equal_to(True))
def test_user_from_database_should_not_be_returned_if_expired(self):
    """An expired stored token yields no user, no access, and no row."""
    settings.USE_DEVELOPMENT_USERS = False
    # expires_at is one day in the past, so the record is already stale.
    yesterday = datetime.now() - timedelta(days=1)
    OAuthUser.objects.create(
        access_token='correct-token-2',
        uid='my-uid',
        email='*****@*****.**',
        permissions=['signin'],
        expires_at=yesterday)
    with HTTMock(govuk_signon_mock()):
        account, granted = check_permission(
            'correct-token-2', set(['admin']))
        # NOTE(review): 'admin' is also absent from the stored permissions,
        # so the False flag alone does not isolate expiry; the None user and
        # the zero row count are what pin the expired-token behaviour.
        assert_that(account, none())
        assert_that(granted, equal_to(False))
        assert_that(OAuthUser.objects.count(), equal_to(0))
def test_user_from_database_should_not_be_returned_if_expired(self):
    """A stale stored credential is neither honoured nor kept in the table."""
    settings.USE_DEVELOPMENT_USERS = False
    # expires_at is one day in the past, so the record is already stale.
    record = {
        'access_token': 'correct-token-2',
        'uid': 'my-uid',
        'email': '*****@*****.**',
        'permissions': ['signin'],
        'expires_at': datetime.now() - timedelta(days=1),
    }
    OAuthUser.objects.create(**record)
    with HTTMock(govuk_signon_mock()):
        outcome = check_permission('correct-token-2', set(['admin']))
        identity, allowed = outcome
        # NOTE(review): 'admin' is also absent from the stored permissions,
        # so the False flag alone does not isolate expiry; the None user and
        # the zero row count are what pin the expired-token behaviour.
        assert_that(identity, none())
        assert_that(allowed, equal_to(False))
        remaining_rows = OAuthUser.objects.count()
        assert_that(remaining_rows, equal_to(0))
def test_use_development_users_gets_from_dictionary(self):
    """The fixed development token resolves to 'Some User' with access.

    Unlike the other tests in this file, no settings override is made here,
    so the test depends on USE_DEVELOPMENT_USERS being enabled when it runs.
    """
    # NOTE(review): other tests in this file assign
    # settings.USE_DEVELOPMENT_USERS = False and do not restore it in their
    # own bodies -- confirm the fixture setup resets it, and that this
    # well-known token is never accepted under deployed settings.
    dev_token = 'development-oauth-access-token'
    account, granted = check_permission(dev_token, set(['signin']))
    assert_that(account['name'], equal_to('Some User'))
    assert_that(granted, equal_to(True))
def test_no_access_without_role(self):
    """With a True third argument, an empty required set still denies.

    No token is supplied; access must not be granted just because nothing
    specific was asked for.
    """
    settings.USE_DEVELOPMENT_USERS = False
    no_roles = set()
    # The trailing True is presumably the allow-anonymous flag -- confirm.
    visitor, allowed = check_permission(None, no_roles, True)
    assert_that(allowed, equal_to(False))
def test_no_access_without_role(self):
    """A token-less call with no required role is denied, not waved through."""
    settings.USE_DEVELOPMENT_USERS = False
    # The trailing True is presumably the allow-anonymous flag -- confirm.
    outcome = check_permission(None, set(), True)
    account, granted = outcome
    assert_that(granted, equal_to(False))
def test_use_development_users_gets_from_dictionary(self):
    """With development users on, the built-in token maps to 'Some User'.

    No settings override is made in this test, so it depends on
    USE_DEVELOPMENT_USERS being enabled when it runs.
    """
    # NOTE(review): other tests in this file assign
    # settings.USE_DEVELOPMENT_USERS = False and do not restore it in their
    # own bodies -- confirm the fixture setup resets it, and that this
    # well-known token is never accepted under deployed settings.
    required = set(['signin'])
    outcome = check_permission('development-oauth-access-token', required)
    identity, allowed = outcome
    assert_that(identity['name'], equal_to('Some User'))
    assert_that(allowed, equal_to(True))