def setUp(self): super().setUp() self.session_data = SessionData(tx_id='tx_id', eq_id='eq_id', form_type='form_type', period_str='period_str', language_code=None, survey_url=None, ru_name='ru_name', ru_ref='ru_ref', case_id='case_id') self.session_store = SessionStore('user_ik', 'pepper', 'eq_session_id')
def setUp(self): super().setUp() self.session_data = SessionData(tx_id='tx_id', eq_id='eq_id', form_type='form_type', period_str='period_str', language_code=None, survey_url=None, ru_name='ru_name', ru_ref='ru_ref', case_id='case_id') self.session_store = SessionStore('user_ik', 'pepper', 'eq_session_id') self.expires_at = datetime.now(tzutc()) + timedelta(seconds=5)
def setUp(self): super().setUp() self._app.permanent_session_lifetime = timedelta(seconds=1) self.session_store = SessionStore('user_ik', 'pepper') self.session_data = SessionData( tx_id='tx_id', eq_id='eq_id', form_type='form_type', period_str='period_str', language_code=None, survey_url=None, ru_name='ru_name', ru_ref='ru_ref' )
def test_session_store_ignores_multiple_new_values_in_session_data(self): session_data = SessionData( tx_id="tx_id", schema_name="some_schema_name", period_str="period_str", language_code=None, survey_url=None, ru_name="ru_name", ru_ref="ru_ref", response_id="response_id", questionnaire_id="questionnaire_id", case_id="case_id", ) session_data.additional_value = "some cool new value you do not know about yet" session_data.second_additional_value = "some other not so cool value" with self._app.test_request_context(): self.session_store.create("eq_session_id", "test", session_data, self.expires_at).save() session_store = SessionStore("user_ik", "pepper", "eq_session_id") self.assertFalse( hasattr(session_store.session_data, "additional_value")) self.assertFalse( hasattr(session_store.session_data, "second_additional_value"))
def setUp(self): super().setUp() self.session_data = SessionData( tx_id="tx_id", schema_name="some_schema_name", response_id="response_id", period_str="period_str", language_code=None, survey_url=None, ru_name="ru_name", ru_ref="ru_ref", case_id="case_id", questionnaire_id="questionnaire_id", ) self.session_store = SessionStore("user_ik", "pepper", "eq_session_id") self.expires_at = datetime.now(tzutc()) + timedelta(seconds=5)
def test_save(self): with self._app.test_request_context(): self.session_store.create("eq_session_id", "test", self.session_data, self.expires_at).save() session_store = SessionStore("user_ik", "pepper", "eq_session_id") self.assertEqual(session_store.session_data.tx_id, "tx_id")
def test_save(self): with self._app.test_request_context(): self.session_store.create('eq_session_id', 'test', self.session_data, self.expires_at).save() session_store = SessionStore('user_ik', 'pepper', 'eq_session_id') self.assertEqual(session_store.session_data.tx_id, 'tx_id')
def test_session_store_reads_data_saved_with_trading_as_but_read_not_expecting_trading_as(self): """This test simulates the case where a session is created using a new session store that holds trading as but this gets read in an old session that does NOT support trading as """ original_loads_func = simplejson.loads class OldSessionData: """class representing what old sessions expect ( no trading as) """ def __init__(self, tx_id, eq_id, form_type, period_str, language_code, survey_url, ru_name, ru_ref, case_id=None, case_ref=None, account_service_url=None, submitted_time=None, **_): self.tx_id = tx_id self.eq_id = eq_id self.form_type = form_type self.period_str = period_str self.language_code = language_code self.survey_url = survey_url self.ru_name = ru_name self.ru_ref = ru_ref self.submitted_time = submitted_time self.case_id = case_id self.case_ref = case_ref self.account_service_url = account_service_url def old_json_loader(raw, object_hook): # pylint: disable=unused-argument """replacement for json.loads to decode to old format ( no trading as) """ old_data = original_loads_func(raw, object_hook=lambda d: OldSessionData(**d)) # call json.loads ,hook pointing to an old class return old_data session_data = SessionData( tx_id='tx_id', eq_id='eq_id', form_type='form_type', period_str='period_str', language_code=None, survey_url=None, ru_name='ru_name', ru_ref='ru_ref', trad_as='trading_as_name' ) with self._app.test_request_context(): with patch('app.data_model.session_store.json.loads', old_json_loader): # patch json.loads to use old_json_loader above self.session_store.create('eq_session_id', 'test', session_data).save() session_store = SessionStore('user_ik', 'pepper', 'eq_session_id') self.assertFalse(hasattr(session_store.session_data, 'trad_as'))
def test_legacy_load(self): self._save_session(self.session_id, self.user_id, self.session_data, legacy=True) session_store = SessionStore(self.user_ik, self.pepper, self.session_id) self.assertEqual(session_store.session_data.tx_id, self.session_data.tx_id)
def create_session_store(eq_session_id, user_id, user_ik, session_data): from app.data_model.session_store import SessionStore # pylint: disable=W0212 pepper = current_app.eq['secret_store'].get_secret_by_name( 'EQ_SERVER_SIDE_STORAGE_ENCRYPTION_USER_PEPPER') g._session_store = SessionStore(user_ik, pepper).create(eq_session_id, user_id, session_data).save()
def test_add_data_to_session(self): with self._app.test_request_context(): self.session_store.create('eq_session_id', 'test', self.session_data, self.expires_at).save() current_time = datetime.utcnow().isoformat() self.session_store.session_data.submitted_time = current_time self.session_store.save() session_store = SessionStore('user_ik', 'pepper', 'eq_session_id') self.assertEqual(session_store.session_data.submitted_time, current_time)
def create_session_store(eq_session_id, user_id, user_ik, session_data): from app.data_model.session_store import SessionStore pepper = current_app.eq["secret_store"].get_secret_by_name( "EQ_SERVER_SIDE_STORAGE_ENCRYPTION_USER_PEPPER") session_timeout_in_seconds = get_session_timeout_in_seconds(g.schema) expires_at = datetime.now(tz=tzutc()) + timedelta( seconds=session_timeout_in_seconds) # pylint: disable=W0212 g._session_store = (SessionStore(user_ik, pepper).create(eq_session_id, user_id, session_data, expires_at).save())
def get_session_store(): from app.data_model.session_store import SessionStore if USER_IK not in cookie_session or EQ_SESSION_ID not in cookie_session: return None # Sets up a single SessionStore instance per request. store = g.get('_session_store') if store is None: pepper = current_app.eq['secret_store'].get_secret_by_name('EQ_SERVER_SIDE_STORAGE_ENCRYPTION_USER_PEPPER') store = g._session_store = SessionStore(cookie_session[USER_IK], pepper, cookie_session[EQ_SESSION_ID]) return store
def test_session_store_stores_none_for_trading_as_if_not_present(self): session_data = SessionData(tx_id='tx_id', eq_id='eq_id', form_type='form_type', period_str='period_str', language_code=None, survey_url=None, ru_name='ru_name', ru_ref='ru_ref', case_id='case_id') with self._app.test_request_context(): self.session_store.create('eq_session_id', 'test', session_data).save() session_store = SessionStore('user_ik', 'pepper', 'eq_session_id') self.assertIsNone(session_store.session_data.trad_as)
def test_session_store_reads_data_saved_without_trading_as_but_read_expecting_trading_as(self): old_session_data = SessionData( tx_id='tx_id', eq_id='eq_id', form_type='form_type', period_str='period_str', language_code=None, survey_url=None, ru_name='ru_name', ru_ref='ru_ref' ) delattr(old_session_data, 'trad_as') # Make class look like old style class with self._app.test_request_context(): self.session_store.create('eq_session_id', 'test', old_session_data).save() session_store = SessionStore('user_ik', 'pepper', 'eq_session_id') self.assertIsNone(session_store.session_data.trad_as)
def test_session_store_stores_trading_as_value_if_present(self): session_data = SessionData(tx_id='tx_id', eq_id='eq_id', form_type='form_type', period_str='period_str', language_code=None, survey_url=None, ru_name='ru_name', ru_ref='ru_ref', trad_as='trading_as', case_id='case_id') with self._app.test_request_context(): self.session_store.create('eq_session_id', 'test', session_data, self.expires_at).save() session_store = SessionStore('user_ik', 'pepper', 'eq_session_id') self.assertTrue(hasattr(session_store.session_data, 'trad_as'))
def test_session_store_ignores_new_values_in_session_data(self): session_data = SessionData( tx_id='tx_id', eq_id='eq_id', form_type='form_type', period_str='period_str', language_code=None, survey_url=None, ru_name='ru_name', ru_ref='ru_ref' ) session_data.additional_value = 'some cool new value you do not know about yet' with self._app.test_request_context(): self.session_store.create('eq_session_id', 'test', session_data).save() session_store = SessionStore('user_ik', 'pepper', 'eq_session_id') self.assertFalse(hasattr(session_store.session_data, 'additional_value'))
def test_session_store_stores_none_for_trading_as_if_not_present(self): session_data = SessionData( tx_id="tx_id", schema_name="some_schema_name", period_str="period_str", language_code=None, survey_url=None, ru_name="ru_name", ru_ref="ru_ref", response_id="response_id", questionnaire_id="questionnaire_id", case_id="case_id", ) with self._app.test_request_context(): self.session_store.create("eq_session_id", "test", session_data, self.expires_at).save() session_store = SessionStore("user_ik", "pepper", "eq_session_id") self.assertIsNone(session_store.session_data.trad_as)
class TestAuthenticator(AppContextTestCase): # pylint: disable=too-many-public-methods def setUp(self): super().setUp() self.session_data = SessionData(tx_id='tx_id', eq_id='eq_id', form_type='form_type', period_str='period_str', language_code=None, survey_url=None, ru_name='ru_name', ru_ref='ru_ref', case_id='case_id') self.session_store = SessionStore('user_ik', 'pepper', 'eq_session_id') self.expires_at = datetime.now(tzutc()) + timedelta(seconds=5) def test_check_session_with_user_id_in_session(self): with self.app_request_context('/status'): with patch('app.authentication.authenticator.get_session_store', return_value=self.session_store): # Given self.session_store.create('eq_session_id', 'user_id', self.session_data, self.expires_at) cookie_session[USER_IK] = 'user_ik' # When user = load_user() # Then self.assertEqual(user.user_id, 'user_id') self.assertEqual(user.user_ik, 'user_ik') def test_check_session_with_no_user_id_in_session(self): with self.app_request_context('/status'): with patch('app.authentication.authenticator.get_session_store', return_value=None): # When user = load_user() # Then self.assertIsNone(user) def test_load_user(self): with self.app_request_context('/status'): with patch('app.authentication.authenticator.get_session_store', return_value=self.session_store): # Given self.session_store.create('eq_session_id', 'user_id', self.session_data, self.expires_at) cookie_session[USER_IK] = 'user_ik' # When user = user_loader(None) # Then self.assertEqual(user.user_id, 'user_id') self.assertEqual(user.user_ik, 'user_ik') def test_request_load_user(self): with self.app_request_context('/status'): with patch('app.authentication.authenticator.get_session_store', return_value=self.session_store): # Given self.session_store.create('eq_session_id', 'user_id', self.session_data, self.expires_at) cookie_session[USER_IK] = 'user_ik' # When user = request_load_user(None) # Then self.assertEqual(user.user_id, 'user_id') self.assertEqual(user.user_ik, 'user_ik') def test_no_user_when_session_has_expired(self): with self.app_request_context('/status'): with patch('app.authentication.authenticator.get_session_store', return_value=self.session_store): # Given self.session_store.create('eq_session_id', 'user_id', self.session_data, expires_at=datetime.now(tzutc())) cookie_session[USER_IK] = 'user_ik' # When user = user_loader(None) # Then self.assertIsNone(user) self.assertIsNone(cookie_session.get(USER_IK)) def test_valid_user_extends_session_expiry(self): with self.app_request_context('/status'): with patch('app.authentication.authenticator.get_session_store', return_value=self.session_store): # Given self.session_store.create('eq_session_id', 'user_id', self.session_data, self.expires_at) cookie_session[USER_IK] = 'user_ik' cookie_session['expires_in'] = 5 # When user = user_loader(None) # Then self.assertEqual(user.user_id, 'user_id') self.assertEqual(user.user_ik, 'user_ik') self.assertEqual(user.is_authenticated, True) self.assertGreater(self.session_store.expiration_time, self.expires_at) def test_session_still_valid_without_expiration_time(self): with self.app_request_context('/status'): with patch('app.authentication.authenticator.get_session_store', return_value=self.session_store): # Given self.session_store.create( 'eq_session_id', 'user_id', self.session_data) # expires_at = None cookie_session[USER_IK] = 'user_ik' # When user = user_loader(None) # Then self.assertEqual(user.user_id, 'user_id') self.assertEqual(user.user_ik, 'user_ik') self.assertEqual(user.is_authenticated, True) self.assertIsNone(self.session_store.expiration_time)
class TestAuthenticator(AppContextTestCase): # pylint: disable=too-many-public-methods def setUp(self): super().setUp() self.session_data = SessionData( tx_id="tx_id", schema_name="some_schema_name", response_id="response_id", period_str="period_str", language_code=None, survey_url=None, ru_name="ru_name", ru_ref="ru_ref", case_id="case_id", questionnaire_id="questionnaire_id", ) self.session_store = SessionStore("user_ik", "pepper", "eq_session_id") self.expires_at = datetime.now(tzutc()) + timedelta(seconds=5) def test_check_session_with_user_id_in_session(self): with self.app_request_context("/status"): with patch( "app.authentication.authenticator.get_session_store", return_value=self.session_store, ): # Given self.session_store.create("eq_session_id", "user_id", self.session_data, self.expires_at) cookie_session[USER_IK] = "user_ik" # When user = load_user() # Then self.assertEqual(user.user_id, "user_id") self.assertEqual(user.user_ik, "user_ik") def test_check_session_with_no_user_id_in_session(self): with self.app_request_context("/status"): with patch("app.authentication.authenticator.get_session_store", return_value=None): # When user = load_user() # Then self.assertIsNone(user) def test_load_user(self): with self.app_request_context("/status"): with patch( "app.authentication.authenticator.get_session_store", return_value=self.session_store, ): # Given self.session_store.create("eq_session_id", "user_id", self.session_data, self.expires_at) cookie_session[USER_IK] = "user_ik" # When user = user_loader(None) # Then self.assertEqual(user.user_id, "user_id") self.assertEqual(user.user_ik, "user_ik") def test_request_load_user(self): with self.app_request_context("/status"): with patch( "app.authentication.authenticator.get_session_store", return_value=self.session_store, ): # Given self.session_store.create("eq_session_id", "user_id", self.session_data, self.expires_at) cookie_session[USER_IK] = "user_ik" # When user = request_load_user(None) # Then self.assertEqual(user.user_id, "user_id") self.assertEqual(user.user_ik, "user_ik") def test_no_user_when_session_has_expired(self): with self.app_request_context("/status"): with patch( "app.authentication.authenticator.get_session_store", return_value=self.session_store, ): # Given self.session_store.create( "eq_session_id", "user_id", self.session_data, expires_at=datetime.now(tzutc()), ) cookie_session[USER_IK] = "user_ik" # When user = user_loader(None) # Then self.assertIsNone(user) self.assertIsNone(cookie_session.get(USER_IK)) def test_valid_user_does_not_extend_session_expiry_when_expiry_less_than_60_seconds_different( self): with self.app_request_context("/status"): with patch( "app.authentication.authenticator.get_session_store", return_value=self.session_store, ): # Given self.session_store.create("eq_session_id", "user_id", self.session_data, self.expires_at) cookie_session[USER_IK] = "user_ik" cookie_session["expires_in"] = 5 # When user = user_loader(None) # Then self.assertEqual(user.user_id, "user_id") self.assertEqual(user.user_ik, "user_ik") self.assertEqual(user.is_authenticated, True) self.assertEqual(self.session_store.expiration_time, self.expires_at) def test_valid_user_extends_session_expiry_when_expiry_greater_than_60_seconds_different( self): with self.app_request_context("/status"): with patch( "app.authentication.authenticator.get_session_store", return_value=self.session_store, ): # Given self.session_store.create("eq_session_id", "user_id", self.session_data, self.expires_at) cookie_session[USER_IK] = "user_ik" cookie_session["expires_in"] = 600 # When user = user_loader(None) # Then self.assertEqual(user.user_id, "user_id") self.assertEqual(user.user_ik, "user_ik") self.assertEqual(user.is_authenticated, True) self.assertGreater(self.session_store.expiration_time, self.expires_at) def test_session_still_valid_without_expiration_time(self): with self.app_request_context("/status"): with patch( "app.authentication.authenticator.get_session_store", return_value=self.session_store, ): # Given self.session_store.create( "eq_session_id", "user_id", self.session_data) # expires_at = None cookie_session[USER_IK] = "user_ik" # When user = user_loader(None) # Then self.assertEqual(user.user_id, "user_id") self.assertEqual(user.user_ik, "user_ik") self.assertEqual(user.is_authenticated, True) self.assertIsNone(self.session_store.expiration_time)
def test_load(self): session_store = SessionStore(self.user_ik, self.pepper, self.session_id) self.assertEqual(session_store.session_data.tx_id, self.session_data.tx_id)
class SessionStoreTest(AppContextTestCase): def setUp(self): super().setUp() self._app.permanent_session_lifetime = timedelta(seconds=1) self.session_store = SessionStore("user_ik", "pepper") self.expires_at = datetime.utcnow() + timedelta(seconds=1) self.session_data = SessionData( tx_id="tx_id", schema_name="some_schema_name", period_str="period_str", language_code=None, survey_url=None, ru_name="ru_name", ru_ref="ru_ref", questionnaire_id="questionnaire_id", response_id="response_id", case_id="case_id", ) def test_no_session(self): with self._app.test_request_context(): self.assertIsNone(self.session_store.user_id) self.assertIsNone(self.session_store.session_data) def test_create(self): with self._app.test_request_context(): self.session_store.create("eq_session_id", "test", self.session_data, self.expires_at) self.assertEqual("eq_session_id", self.session_store.eq_session_id) self.assertEqual("test", self.session_store.user_id) self.assertEqual(self.session_data, self.session_store.session_data) def test_save(self): with self._app.test_request_context(): self.session_store.create("eq_session_id", "test", self.session_data, self.expires_at).save() session_store = SessionStore("user_ik", "pepper", "eq_session_id") self.assertEqual(session_store.session_data.tx_id, "tx_id") def test_delete(self): with self._app.test_request_context(): self.session_store.create("eq_session_id", "test", self.session_data, self.expires_at).save() self.assertEqual("test", self.session_store.user_id) self.session_store.delete() self.assertEqual(self.session_store.user_id, None) def test_create_save_delete_with_no_expiry(self): with self._app.test_request_context(): self.session_store.create("eq_session_id", "test", self.session_data).save() self.assertEqual("eq_session_id", self.session_store.eq_session_id) self.assertEqual("test", self.session_store.user_id) self.assertEqual(self.session_data, self.session_store.session_data) self.assertIsNone(self.session_store.expiration_time) self.session_store.delete() self.assertEqual(self.session_store.user_id, None) def test_add_data_to_session(self): with self._app.test_request_context(): self.session_store.create("eq_session_id", "test", self.session_data, self.expires_at).save() current_time = datetime.utcnow().isoformat() self.session_store.session_data.submitted_time = current_time self.session_store.save() session_store = SessionStore("user_ik", "pepper", "eq_session_id") self.assertEqual(session_store.session_data.submitted_time, current_time) def test_should_not_delete_when_no_session(self): with self.app_request_context("/status") as context: # Call clear with a valid user_id but no session in database self.session_store.delete() # No database calls should have been made self.assertEqual( context.app.eq["storage"].client.delete_call_count, 0) def test_session_store_ignores_new_values_in_session_data(self): session_data = SessionData( tx_id="tx_id", schema_name="some_schema_name", period_str="period_str", language_code=None, survey_url=None, ru_name="ru_name", ru_ref="ru_ref", response_id="response_id", questionnaire_id="questionnaire_id", case_id="case_id", ) session_data.additional_value = "some cool new value you do not know about yet" with self._app.test_request_context(): self.session_store.create("eq_session_id", "test", session_data, self.expires_at).save() session_store = SessionStore("user_ik", "pepper", "eq_session_id") self.assertFalse( hasattr(session_store.session_data, "additional_value")) def test_session_store_ignores_multiple_new_values_in_session_data(self): session_data = SessionData( tx_id="tx_id", schema_name="some_schema_name", period_str="period_str", language_code=None, survey_url=None, ru_name="ru_name", ru_ref="ru_ref", response_id="response_id", questionnaire_id="questionnaire_id", case_id="case_id", ) session_data.additional_value = "some cool new value you do not know about yet" session_data.second_additional_value = "some other not so cool value" with self._app.test_request_context(): self.session_store.create("eq_session_id", "test", session_data, self.expires_at).save() session_store = SessionStore("user_ik", "pepper", "eq_session_id") self.assertFalse( hasattr(session_store.session_data, "additional_value")) self.assertFalse( hasattr(session_store.session_data, "second_additional_value")) def test_session_store_stores_trading_as_value_if_present(self): session_data = SessionData( tx_id="tx_id", schema_name="some_schema_name", period_str="period_str", language_code=None, survey_url=None, ru_name="ru_name", ru_ref="ru_ref", response_id="response_id", questionnaire_id="questionnaire_id", trad_as="trading_as", case_id="case_id", ) with self._app.test_request_context(): self.session_store.create("eq_session_id", "test", session_data, self.expires_at).save() session_store = SessionStore("user_ik", "pepper", "eq_session_id") self.assertTrue(hasattr(session_store.session_data, "trad_as")) def test_session_store_stores_none_for_trading_as_if_not_present(self): session_data = SessionData( tx_id="tx_id", schema_name="some_schema_name", period_str="period_str", language_code=None, survey_url=None, ru_name="ru_name", ru_ref="ru_ref", response_id="response_id", questionnaire_id="questionnaire_id", case_id="case_id", ) with self._app.test_request_context(): self.session_store.create("eq_session_id", "test", session_data, self.expires_at).save() session_store = SessionStore("user_ik", "pepper", "eq_session_id") self.assertIsNone(session_store.session_data.trad_as)
class SessionStoreTest(AppContextTestCase): def setUp(self): super().setUp() self._app.permanent_session_lifetime = timedelta(seconds=1) self.session_store = SessionStore('user_ik', 'pepper') self.session_data = SessionData(tx_id='tx_id', eq_id='eq_id', form_type='form_type', period_str='period_str', language_code=None, survey_url=None, ru_name='ru_name', ru_ref='ru_ref', case_id='case_id') def test_no_session(self): with self._app.test_request_context(): self.assertIsNone(self.session_store.user_id) self.assertIsNone(self.session_store.session_data) def test_create(self): with self._app.test_request_context(): self.session_store.create('eq_session_id', 'test', self.session_data) self.assertEqual('eq_session_id', self.session_store.eq_session_id) self.assertEqual('test', self.session_store.user_id) self.assertEqual(self.session_data, self.session_store.session_data) def test_save(self): with self._app.test_request_context(): self.session_store.create('eq_session_id', 'test', self.session_data).save() session_store = SessionStore('user_ik', 'pepper', 'eq_session_id') self.assertEqual(session_store.session_data.tx_id, 'tx_id') def test_delete(self): with self._app.test_request_context(): self.session_store.create('eq_session_id', 'test', self.session_data).save() self.assertEqual('test', self.session_store.user_id) self.session_store.delete() self.assertEqual(self.session_store.user_id, None) def test_add_data_to_session(self): with self._app.test_request_context(): self.session_store.create('eq_session_id', 'test', self.session_data).save() current_time = datetime.utcnow().isoformat() self.session_store.session_data.submitted_time = current_time self.session_store.save() session_store = SessionStore('user_ik', 'pepper', 'eq_session_id') self.assertEqual(session_store.session_data.submitted_time, current_time) def test_should_not_delete_when_no_session(self): with self.app_request_context('/status'): with patch('app.data_model.models.db.session.delete') as delete: # Call clear with a valid user_id but no session in database self.session_store.delete() # No database calls should have been made self.assertFalse(delete.called) def test_session_store_ignores_new_values_in_session_data(self): session_data = SessionData(tx_id='tx_id', eq_id='eq_id', form_type='form_type', period_str='period_str', language_code=None, survey_url=None, ru_name='ru_name', ru_ref='ru_ref', case_id='case_id') session_data.additional_value = 'some cool new value you do not know about yet' with self._app.test_request_context(): self.session_store.create('eq_session_id', 'test', session_data).save() session_store = SessionStore('user_ik', 'pepper', 'eq_session_id') self.assertFalse( hasattr(session_store.session_data, 'additional_value')) def test_session_store_ignores_multiple_new_values_in_session_data(self): session_data = SessionData(tx_id='tx_id', eq_id='eq_id', form_type='form_type', period_str='period_str', language_code=None, survey_url=None, ru_name='ru_name', ru_ref='ru_ref', case_id='case_id') session_data.additional_value = 'some cool new value you do not know about yet' session_data.second_additional_value = 'some other not so cool value' with self._app.test_request_context(): self.session_store.create('eq_session_id', 'test', session_data).save() session_store = SessionStore('user_ik', 'pepper', 'eq_session_id') self.assertFalse( hasattr(session_store.session_data, 'additional_value')) self.assertFalse( hasattr(session_store.session_data, 'second_additional_value')) def test_session_store_stores_trading_as_value_if_present(self): session_data = SessionData(tx_id='tx_id', eq_id='eq_id', form_type='form_type', period_str='period_str', language_code=None, survey_url=None, ru_name='ru_name', ru_ref='ru_ref', trad_as='trading_as', case_id='case_id') with self._app.test_request_context(): self.session_store.create('eq_session_id', 'test', session_data).save() session_store = SessionStore('user_ik', 'pepper', 'eq_session_id') self.assertTrue(hasattr(session_store.session_data, 'trad_as')) def test_session_store_stores_none_for_trading_as_if_not_present(self): session_data = SessionData(tx_id='tx_id', eq_id='eq_id', form_type='form_type', period_str='period_str', language_code=None, survey_url=None, ru_name='ru_name', ru_ref='ru_ref', case_id='case_id') with self._app.test_request_context(): self.session_store.create('eq_session_id', 'test', session_data).save() session_store = SessionStore('user_ik', 'pepper', 'eq_session_id') self.assertIsNone(session_store.session_data.trad_as) def test_session_store_reads_data_saved_without_trading_as_but_read_expecting_trading_as( self): old_session_data = SessionData(tx_id='tx_id', eq_id='eq_id', form_type='form_type', period_str='period_str', language_code=None, survey_url=None, ru_name='ru_name', ru_ref='ru_ref', case_id='case_id') delattr(old_session_data, 'trad_as') # Make class look like old style class with self._app.test_request_context(): self.session_store.create('eq_session_id', 'test', old_session_data).save() session_store = SessionStore('user_ik', 'pepper', 'eq_session_id') self.assertIsNone(session_store.session_data.trad_as) def test_session_store_reads_data_saved_with_trading_as_but_read_not_expecting_trading_as( self): """This test simulates the case where a session is created using a new session store that holds trading as but this gets read in an old session that does NOT support trading as """ original_loads_func = json.loads class OldSessionData: """class representing what old sessions expect ( no trading as) """ def __init__(self, tx_id, eq_id, form_type, period_str, language_code, survey_url, ru_name, ru_ref, case_id, case_ref=None, account_service_url=None, submitted_time=None, **_): self.tx_id = tx_id self.eq_id = eq_id self.form_type = form_type self.period_str = period_str self.language_code = language_code self.survey_url = survey_url self.ru_name = ru_name self.ru_ref = ru_ref self.submitted_time = submitted_time self.case_id = case_id self.case_ref = case_ref self.account_service_url = account_service_url def old_json_loader(raw, object_hook): # pylint: disable=unused-argument """replacement for json.loads to decode to old format ( no trading as) """ old_data = original_loads_func( raw, object_hook=lambda d: OldSessionData( **d)) # call json.loads ,hook pointing to an old class return old_data session_data = SessionData(tx_id='tx_id', eq_id='eq_id', form_type='form_type', period_str='period_str', language_code=None, survey_url=None, ru_name='ru_name', ru_ref='ru_ref', trad_as='trading_as_name', case_id='case_id') with self._app.test_request_context(): with patch('app.data_model.session_store.json.loads', old_json_loader ): # patch json.loads to use old_json_loader above self.session_store.create('eq_session_id', 'test', session_data).save() session_store = SessionStore('user_ik', 'pepper', 'eq_session_id') self.assertFalse(hasattr(session_store.session_data, 'trad_as'))
class TestAuthenticator(AppContextTestCase): # pylint: disable=too-many-public-methods def setUp(self): super().setUp() self.session_data = SessionData( tx_id='tx_id', eq_id='eq_id', form_type='form_type', period_str='period_str', language_code=None, survey_url=None, ru_name='ru_name', ru_ref='ru_ref', ) self.session_store = SessionStore('user_ik', 'pepper', 'eq_session_id') def test_check_session_with_user_id_in_session(self): with self.app_request_context('/status'): with patch('app.authentication.authenticator.get_session_store', return_value=self.session_store): # Given self.session_store.create('eq_session_id', 'user_id', self.session_data) session[USER_IK] = 'user_ik' # When user = load_user() # Then self.assertEqual(user.user_id, 'user_id') self.assertEqual(user.user_ik, 'user_ik') def test_check_session_with_no_user_id_in_session(self): with self.app_request_context('/status'): with patch('app.authentication.authenticator.get_session_store', return_value=None): # When user = load_user() # Then self.assertIsNone(user) def test_load_user(self): with self.app_request_context('/status'): with patch('app.authentication.authenticator.get_session_store', return_value=self.session_store): # Given self.session_store.create('eq_session_id', 'user_id', self.session_data) session[USER_IK] = 'user_ik' # When user = user_loader(None) # Then self.assertEqual(user.user_id, 'user_id') self.assertEqual(user.user_ik, 'user_ik') def test_request_load_user(self): with self.app_request_context('/status'): with patch('app.authentication.authenticator.get_session_store', return_value=self.session_store): # Given self.session_store.create('eq_session_id', 'user_id', self.session_data) session[USER_IK] = 'user_ik' # When user = request_load_user(None) # Then self.assertEqual(user.user_id, 'user_id') self.assertEqual(user.user_ik, 'user_ik')