def test_unauthenticated_request(self): """ An unauthenticated search should not be possible """ url = reverse("v1:search-list") client = get_unauthenticated_client() response = client.get(url, self.MOCK_SEARCH_QUERY_PARAMETERS) self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
def test_without_authentication_code(self): """ fails if no authentication code is sent """ url = reverse("oidc-authenticate") client = get_unauthenticated_client() response = client.post(url, {}) self.assertEquals(response.status_code, status.HTTP_400_BAD_REQUEST)
def test_unauthenticated_request(self): """ An unauthenticated request should not be possible """ url = self._get_url() client = get_unauthenticated_client() response = client.get(url) self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
def test_unauthenticated_request_get(self): """ An unauthenticated request should not be possible """ url = reverse("v1:itinerary-list") client = get_unauthenticated_client() response = client.get(url) self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
def test_unauthenticated_request(self): """ An unauthenticated request should not be possible """ url = reverse("v1:case-detail", kwargs={"pk": "foo"}) client = get_unauthenticated_client() response = client.get(url) self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
def test_health_default_url_view(self, mock_assert_health_generic): """ URL endpoint for health_default can be called """ url = reverse("health-default") client = get_unauthenticated_client() response = client.get(url) mock_assert_health_generic.assert_called() self.assertEquals(response.status_code, 200)
def test_unauthenticated_request_get(self): """ An unauthenticated request should not be possible """ itinerary = Itinerary.objects.create() url = reverse("v1:itinerary-team", kwargs={"pk": itinerary.id}) client = get_unauthenticated_client() response = client.get(url) self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
def test_unauthenticated_requests(self): """ is_authorized false when user is not logged in """ url = reverse("is-authorized") client = get_unauthenticated_client() response = client.get(url) expected_response = {"is_authorized": False} self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertEquals(response.json(), expected_response)
def test_with_authentication_code(self, mock_AuthenticationBackend): """ succeeds if an authentication code is sent """ mock_AuthenticationBackend.authenticate = Mock() mock_AuthenticationBackend.authenticate.return_value = get_test_user() url = reverse("oidc-authenticate") client = get_unauthenticated_client() response = client.post(url, {"code": "FOO-CODE"}) self.assertEquals(response.status_code, status.HTTP_200_OK)
def test_health_bwv_url_view(self, mock_assert_health_generic, mock_assert_health_database_tables): """ URL endpoint for health_bwv can be called """ url = reverse("health-bwv") client = get_unauthenticated_client() response = client.get(url) mock_assert_health_generic.assert_called() mock_assert_health_database_tables.assert_called() self.assertEquals(response.status_code, 200)
def test_with_failing_authentication_code(self, mock_AuthenticationBackend): """ Returns a bad request if the authentication using the code fails """ # Mock the authenticate dependencies mock_authenticate = Mock() mock_AuthenticationBackend.return_value = mock_authenticate # Calling the authenticate calls a side effect containing an exception. # This should cause the authenticate request to fail mock_authenticate.authenticate = Mock(side_effect=Exception("FOO Exception")) url = reverse("v1:oidc-authenticate") client = get_unauthenticated_client() response = client.post(url, {"code": "FOO-CODE"}) self.assertEquals(response.status_code, status.HTTP_400_BAD_REQUEST)
def test_with_authentication_code_response(self, mock_AuthenticationBackend): """ Returns a refresh and access token if authentication is succesful """ mock_AuthenticationBackend.authenticate = Mock() mock_AuthenticationBackend.authenticate.return_value = get_test_user() url = reverse("v1:oidc-authenticate") client = get_unauthenticated_client() response = client.post(url, {"code": "FOO-CODE"}) token_response = response.json() # The response contains a refresh and an access token and a user object self.assertEquals(list(token_response.keys()), ["refresh", "access", "user"]) self.assertIsNotNone(token_response["refresh"]) self.assertIsNotNone(token_response["access"]) self.assertIsNotNone(token_response["user"])
def test_unauthenticated_put(self): """ An unauthenticated request should not be possible """ DAY_SETTINGS_ID = 1 DAY_SETTINGS_NAME = "FOO_NAME" team_settings_1 = baker.make(TeamSettings) baker.make( DaySettings, team_settings=team_settings_1, id=DAY_SETTINGS_ID, name=DAY_SETTINGS_NAME, ) url = reverse("v1:day-settings-detail", kwargs={"pk": DAY_SETTINGS_ID}) client = get_unauthenticated_client() response = client.put(url, {}) self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
def test_unauthenticated_get(self): url = reverse("teams-reasons", kwargs={"pk": 1}) client = get_unauthenticated_client() response = client.get(url) self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
def test_unauthenticated_post(self): url = reverse("visits-list") client = get_unauthenticated_client() response = client.post(url, data={}, format="json") self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
def test_unauthenticated_get(self): url = reverse("visits-list") client = get_unauthenticated_client() response = client.get(url) self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
def test_unauthenticated_post(self): url = reverse("debriefings-list") client = get_unauthenticated_client() response = client.post(url, {}) self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)