class FacadeTest(FluidinfoTestCase): """ Simple tests of L{Facade} functionality that are not to do with user creation or authentication. """ resources = [('config', ConfigResource()), ('log', LoggingResource()), ('store', DatabaseResource()), ('threadPool', ThreadPoolResource())] def setUp(self): super(FacadeTest, self).setUp() factory = FluidinfoSessionFactory('API-9000') self.transact = Transact(self.threadPool) self.facade = Facade(self.transact, factory) self.system = createSystemData() @inlineCallbacks def testCreateAnonymousSession(self): """ L{FacadeAuthMixin.createAnonymousSession} creates a L{FluidinfoSession} for the anonymous user C{anon} so that anonymous requests coming from the C{WSFE} can be correctly verified by the L{Facade}. """ anon = self.system.users[u'anon'] self.store.commit() session = yield self.facade.createAnonymousSession() self.assertEqual('anon', session.auth.username) self.assertEqual(anon.objectID, session.auth.objectID)
class NamespaceAPITest(NamespaceAPITestMixin, FluidinfoTestCase): resources = [('config', ConfigResource()), ('store', DatabaseResource())] def setUp(self): super(NamespaceAPITest, self).setUp() self.system = createSystemData() UserAPI().create([(u'username', u'password', u'User', u'*****@*****.**')]) self.user = getUser(u'username') self.namespaces = NamespaceAPI(self.user) self.permissions = PermissionAPI(self.user) def testCreateWithoutData(self): """ L{NamespaceAPI.create} returns an empty C{list} if no L{Namespace} data is available. """ result = self.namespaces.create([]) self.assertEqual([], result) ignored = (self.system.namespaces.keys() + [u'username', u'username/private']) result = self.store.find(Namespace, Not(Namespace.path.is_in(ignored))) self.assertIdentical(None, result.one()) def testPermissionsAreNotCreatedIfCreateFails(self): """ If L{NamespaceAPI.create} fails, no permissions should be created. """ self.assertRaises(MalformedPathError, self.namespaces.create, [(u'!!!!/test', u'description')]) result = getNamespacePermissions([u'username/test']) self.assertTrue(result.is_empty())
class RecentActivityAPITest(RecentActivityAPITestMixin, FluidinfoTestCase): resources = [('config', ConfigResource()), ('store', DatabaseResource())] def setUp(self): super(RecentActivityAPITest, self).setUp() createSystemData() self.recentActivity = RecentActivityAPI() UserAPI().create([(u'user', u'secret', u'User', u'*****@*****.**')]) self.user = getUser(u'user') def getObjectAPI(self, user): """Get an L{ObjectAPI} instance for the specified user. @param user: The L{User} to configure the L{ObjectAPI} instance. @return: An L{ObjectAPI} instance. """ return ObjectAPI(user) def getTagValueAPI(self, user): """Get a L{TagValueAPI} instance for the specified user. @param user: The L{User} to configure the L{TagValueAPI} instance. @return: A L{TagValueAPI} instance. """ return TagValueAPI(user)
class GetCacheClientTest(FluidinfoTestCase): resources = [('cache', CacheResource()), ('config', ConfigResource())] def testGetCacheClient(self): """ L{getCacheClient} returns a configured L{Redis} client that is ready to use. """ client = getCacheClient() self.assertIsInstance(client, Redis) def testGetCacheClientUsesGlobalConnectionPool(self): """ L{getCacheClient} returns a L{Redis} client that uses the global connection pool. """ client = getCacheClient() connectionPool = getCacheConnectionPool() self.assertIdentical(client.connection_pool, connectionPool) def testGetCacheClientsUseTheSameConnectionPool(self): """ L{getCacheClient} returns a L{Redis} client that uses the global connection pool. """ client1 = getCacheClient() client2 = getCacheClient() self.assertIdentical(client1.connection_pool, client2.connection_pool)
class SecureRecentActivityAPIWithBrokenCacheTest(RecentActivityAPITestMixin, FluidinfoTestCase): resources = [('cache', BrokenCacheResource()), ('client', IndexResource()), ('config', ConfigResource()), ('log', LoggingResource()), ('store', DatabaseResource())] def setUp(self): super(SecureRecentActivityAPIWithBrokenCacheTest, self).setUp() createSystemData() UserAPI().create([(u'user', u'secret', u'User', u'*****@*****.**')]) self.user = getUser(u'user') self.recentActivity = SecureRecentActivityAPI(self.user) def getObjectAPI(self, user): """Get an L{CachingObjectAPI} instance for the specified user. @param user: The L{User} to configure the L{CachingObjectAPI} instance. @return: An L{CachingObjectAPI} instance. """ return CachingObjectAPI(user) def getTagValueAPI(self, user): """Get a L{TagValueAPI} instance for the specified user. @param user: The L{User} to configure the L{TagValueAPI} instance. @return: A L{TagValueAPI} instance. """ return CachingTagValueAPI(user)
class AuthenticateTest(FluidinfoTestCase): resources = [('cache', CacheResource()), ('config', ConfigResource()), ('store', DatabaseResource())] def testAuthenticate(self): """ L{authenticate} will be successful if the C{username} and the plaintext C{password} passed match a L{User} in the database. """ user = createUser(u'fred', u'fred-secret', u'Fred', u'*****@*****.**') self.assertIdentical(user, authenticate(u'fred', u'fred-secret')) def testAuthenticateFailsWithIncorrectPassword(self): """ L{authenticate} will be unsuccessful if the C{username} and the plaintext C{password} passed don't match a L{User} in the database. """ createUser(u'fred', u'fred-secret', u'Fred', u'*****@*****.**') self.assertRaises(AuthenticationError, authenticate, u'fred', u'bad-secret') def testAuthenticateFailsWithUnknownUser(self): """ L{authenticate} will be unsuccessful if the C{username} and the plaintext C{password} passed don't match a L{User} in the database. """ error = self.assertRaises(UnknownUserError, authenticate, u'unknown', u'bad-secret') self.assertEqual([u'unknown'], error.usernames)
class IsEqualsQueryTest(FluidinfoTestCase): resources = [('config', ConfigResource())] def testIsEqualsQuery(self): """ L{isEqualsQuery} returns C{True} if the given query uses the C{equals} operator and the given path. """ query = parseQuery(u'fluiddb/about = "test"') self.assertTrue(isEqualsQuery(query, u'fluiddb/about')) def testIsEqualsQueryWithOtherOperator(self): """ L{isEqualsQuery} returns C{False} if the given query doesn't use the C{equals} operator operator and the given path. """ query = parseQuery(u'fluiddb/about > "test"') self.assertFalse(isEqualsQuery(query, u'fluiddb/about')) def testIsEqualsQueryWithDifferentPath(self): """ L{isEqualsQuery} returns C{True} if the given query uses the C{equals} operator but not the given path. """ query = parseQuery(u'other/path = "test"') self.assertFalse(isEqualsQuery(query, u'different/path'))
class RootResourceTest(FluidinfoTestCase): resources = [('config', ConfigResource()), ('log', LoggingResource()), ('store', DatabaseResource()), ('threadPool', ThreadPoolResource())] def setUp(self): super(RootResourceTest, self).setUp() factory = FluidinfoSessionFactory('API-9000') transact = Transact(self.threadPool) createSystemData() self.checker = AnonymousChecker() self.checker.facadeClient = Facade(transact, factory) getConfig().set('service', 'allow-anonymous-access', 'False') @inlineCallbacks def testAnonymousAccessDenied(self): """ L{FacadeAnonymousCheckerTest.requestAvatarId} returns an C{UnauthorizedLogin} for access by the C{anon} user if the C{allow-anonymous-access} configuration option is C{False}. The C{UnauthorizedLogin} is the C{session} attribute in L{RootResource} and must result in the C{getChild} method returning a L{WSFEUnauthorizedResource} instance. """ self.store.commit() session = yield self.checker.requestAvatarId(credentials=None) self.assertTrue(isinstance(session, UnauthorizedLogin)) root = RootResource(self.checker.facadeClient, session) request = FakeRequest() root.getChild('/', request)
class SecureNamespaceAPIWithSuperuserTest(FluidinfoTestCase): resources = [('cache', CacheResource()), ('config', ConfigResource()), ('store', DatabaseResource())] def setUp(self): super(SecureNamespaceAPIWithSuperuserTest, self).setUp() system = createSystemData() user = system.users[u'fluiddb'] self.namespaces = SecureNamespaceAPI(user) self.permissions = CachingPermissionAPI(user) def testCreateIsAllowed(self): """ Creating a new L{Namespace} should be allowed if we're a user with a L{Role.SUPERUSER} no matter what permissions we have. """ values = [(u'fluiddb', Operation.CREATE_NAMESPACE, Policy.CLOSED, [])] self.permissions.set(values) result = self.namespaces.create([(u'fluiddb/test', u'description')]) self.assertEqual(1, len(result)) def testDeleteIsAllowed(self): """ Deleting a L{Namespace} should be allowed if we're a user with a L{Role.SUPERUSER} no matter what permissions we have. """ result1 = self.namespaces.create([(u'fluiddb/test', u'description')]) values = [(u'fluiddb/test', Operation.DELETE_NAMESPACE, Policy.CLOSED, [])] self.permissions.set(values) result2 = self.namespaces.delete([u'fluiddb/test']) self.assertEqual(result1, result2) def testSetIsAllowed(self): """ Updating a L{Namespace} should be allowed if we're a user with a L{Role.SUPERUSER} no matter what permissions we have. """ self.namespaces.create([(u'fluiddb/test', u'description')]) values = [(u'fluiddb/test', Operation.UPDATE_NAMESPACE, Policy.CLOSED, [])] self.permissions.set(values) self.namespaces.set({u'fluiddb/test': u'new description'}) def testGetIsAllowed(self): """ Getting information about a L{Namespace} should be allowed if we're a user with a L{Role.SUPERUSER} no matter what permissions we have. """ self.namespaces.create([(u'fluiddb/test', u'description')]) values = [(u'fluiddb/test', Operation.LIST_NAMESPACE, Policy.CLOSED, [])] self.permissions.set(values) result = self.namespaces.get([u'fluiddb'], withDescriptions=False, withTags=True, withNamespaces=True) self.assertEqual(1, len(result))
class UserAPITest(UserAPITestMixin, FluidinfoTestCase): resources = [('config', ConfigResource()), ('store', DatabaseResource())] def setUp(self): super(UserAPITest, self).setUp() self.system = createSystemData() self.users = UserAPI()
class CachingUserAPIWithBrokenCacheTest(UserAPITestMixin, FluidinfoTestCase): resources = [('cache', BrokenCacheResource()), ('config', ConfigResource()), ('log', LoggingResource()), ('store', DatabaseResource())] def setUp(self): super(CachingUserAPIWithBrokenCacheTest, self).setUp() self.system = createSystemData() self.users = CachingUserAPI()
class SecureUserAPITest(UserAPITestMixin, CachingUserAPITestMixin, FluidinfoTestCase): resources = [('cache', CacheResource()), ('config', ConfigResource()), ('store', DatabaseResource())] def setUp(self): super(SecureUserAPITest, self).setUp() self.system = createSystemData() user = self.system.users[u'fluiddb'] self.users = SecureUserAPI(user)
class APIFactoryTest(FluidinfoTestCase): resources = [('config', ConfigResource()), ('store', DatabaseResource())] def setUp(self): super(APIFactoryTest, self).setUp() self.system = createSystemData() UserAPI().create([(u'user', u'secret', u'User', u'*****@*****.**')]) self.user = getUser(u'user') self.factory = APIFactory() def testUsers(self): """L{APIFactory.users} returns a usable L{UserAPI} instance.""" self.assertIsInstance(self.factory.users(), UserAPI) def testObjects(self): """L{APIFactory.objects} returns a usable L{ObjectAPI} instance.""" self.assertIsInstance(self.factory.objects(self.user), ObjectAPI) def testNamespaces(self): """ L{APIFactory.namespaces} returns a usable L{NamespaceAPI} instance. """ self.assertIsInstance(self.factory.namespaces(self.user), NamespaceAPI) def testTags(self): """L{APIFactory.tags} returns a usable L{TagAPI} instance.""" self.assertIsInstance(self.factory.tags(self.user), TagAPI) def testTagValues(self): """L{APIFactory.tagValues} returns a usable L{TagValueAPI} instance.""" self.assertIsInstance(self.factory.tagValues(self.user), TagValueAPI) def testPermissions(self): """ L{APIFactory.permissions} returns a usable L{PermissionAPI} instance. """ self.assertIsInstance(self.factory.permissions(self.user), PermissionAPI) def testPermissionCheckers(self): """ L{APIFactory.permissionCheckers} returns a usable L{PermissionCheckerAPI} instance. """ self.assertIsInstance(self.factory.permissionCheckers(), PermissionCheckerAPI) def testRecentActivity(self): """ L{APIFactory.recentActivity} returns a usable L{RecentActivityAPI} instance. """ self.assertIsInstance(self.factory.recentActivity(), RecentActivityAPI)
class SecureUserAPIWithAnonymousRoleTest(FluidinfoTestCase): resources = [('cache', CacheResource()), ('config', ConfigResource()), ('store', DatabaseResource())] def setUp(self): super(SecureUserAPIWithAnonymousRoleTest, self).setUp() system = createSystemData() self.user = system.users[u'anon'] self.users = SecureUserAPI(self.user) def testCreateIsDenied(self): """ L{SecureUserAPI.create} raises a L{PermissionDeniedError} if it's invoked by a L{User} with the L{Role.ANONYMOUS}. """ values = [(u'user', u'secret', u'User', u'*****@*****.**')] error = self.assertRaises(PermissionDeniedError, self.users.create, values) self.assertEqual(self.user.username, error.username) self.assertEqual([(u'user', Operation.CREATE_USER)], error.pathsAndOperations) def testDeleteIsDenied(self): """ L{SecureUserAPI.delete} raises a L{PermissionDeniedError} if it's invoked by a L{User} with the L{Role.ANONYMOUS}. """ error = self.assertRaises(PermissionDeniedError, self.users.delete, [u'user']) self.assertEqual(self.user.username, error.username) self.assertEqual([(u'user', Operation.DELETE_USER)], error.pathsAndOperations) def testGetIsAllowed(self): """ L{SecureUserAPI.get} can always be invoked by a L{User} with the L{Role.ANONYMOUS}. """ UserAPI().create([(u'user', u'secret', u'User', u'*****@*****.**')]) result = self.users.get([u'user']) self.assertIn(u'user', result) def testSetIsDenied(self): """ L{SecureUserAPI.set} raises a L{PermissionDeniedError} if it's invoked by a L{User} with the L{Role.ANONYMOUS}. """ values = [(u'user', u'secret', u'User', u'*****@*****.**', None)] error = self.assertRaises(PermissionDeniedError, self.users.set, values) self.assertEqual(self.user.username, error.username) self.assertEqual([(u'user', Operation.UPDATE_USER)], error.pathsAndOperations)
class GetObjectIndexTest(FluidinfoTestCase): resources = [('config', ConfigResource())] def testGetObjectIndex(self): """ L{getObjectIndex} returns a configured L{ObjectIndex} that is ready to use. """ index = getObjectIndex() self.assertIsInstance(index, ObjectIndex)
class OAuthRenewalTokenTest(OAuthAccessTokenBaseTestMixin, FluidinfoTestCase): cls = OAuthRenewalToken resources = [('config', ConfigResource()), ('store', DatabaseResource())] def setUp(self): super(OAuthRenewalTokenTest, self).setUp() createSystemData() secret = ''.join(sample(ALPHABET, 16)) self.config.set('oauth', 'renewal-secret', secret)
class ObjectAPITest(ObjectAPITestMixin, FluidinfoTestCase): resources = [('client', IndexResource()), ('config', ConfigResource()), ('store', DatabaseResource())] def setUp(self): super(ObjectAPITest, self).setUp() self.system = createSystemData() UserAPI().create([(u'user', u'secret', u'User', u'*****@*****.**')]) self.user = getUser(u'user') self.objects = ObjectAPI(self.user)
class TagAPITest(TagAPITestMixin, FluidinfoTestCase): resources = [('config', ConfigResource()), ('store', DatabaseResource())] def setUp(self): super(TagAPITest, self).setUp() self.system = createSystemData() UserAPI().create([(u'username', u'password', u'User', u'*****@*****.**')]) self.user = getUser(u'username') self.permissions = PermissionAPI(self.user) self.tags = TagAPI(self.user)
class SecureTagAPIWithSuperuserTest(FluidinfoTestCase): resources = [('cache', CacheResource()), ('config', ConfigResource()), ('store', DatabaseResource())] def setUp(self): super(SecureTagAPIWithSuperuserTest, self).setUp() system = createSystemData() user = system.users[u'fluiddb'] self.tags = SecureTagAPI(user) self.permissions = CachingPermissionAPI(user) def testCreateIsAllowed(self): """ Creating a new L{Tag} should be allowed if we're a user with a L{Role.SUPERUSER} no matter what permissions we have. """ values = [(u'fluiddb', Operation.CREATE_NAMESPACE, Policy.CLOSED, [])] self.permissions.set(values) result = self.tags.create([(u'fluiddb/test', u'description')]) self.assertEqual(1, len(result)) def testDeleteIsAllowed(self): """ Deleting a L{Tag} should be allowed if we're a user with a L{Role.SUPERUSER} no matter what permissions we have. """ result1 = self.tags.create([(u'fluiddb/test', u'description')]) values = [(u'fluiddb/test', Operation.DELETE_TAG, Policy.CLOSED, [])] self.permissions.set(values) result2 = self.tags.delete([u'fluiddb/test']) self.assertEqual(result1, result2) def testSetIsAllowed(self): """ Updating a L{Tag} should be allowed if we're a user with a L{Role.SUPERUSER} no matter what permissions we have. """ result = self.tags.create([(u'fluiddb/test', u'A description')]) [(objectID, _)] = result values = [(u'fluiddb/test', Operation.UPDATE_TAG, Policy.CLOSED, [])] self.permissions.set(values) self.tags.set({u'fluiddb/test': u'A new description'}) result = self.tags.get([u'fluiddb/test'], withDescriptions=True) expected = { u'fluiddb/test': { 'id': objectID, 'description': u'A new description' } } self.assertEqual(expected, result)
class CachingRecentActivityAPITest(RecentActivityAPITestMixin, CachingRecentActivityAPITestMixin, FluidinfoTestCase): resources = [('cache', CacheResource()), ('config', ConfigResource()), ('store', DatabaseResource())] def setUp(self): super(CachingRecentActivityAPITest, self).setUp() createSystemData() self.recentActivity = CachingRecentActivityAPI() UserAPI().create([(u'user', u'secret', u'User', u'*****@*****.**')]) self.user = getUser(u'user')
class CachingPermissionAPIWithBrokenCacheTest(PermissionAPITestMixin, FluidinfoTestCase): resources = [('cache', BrokenCacheResource()), ('config', ConfigResource()), ('log', LoggingResource()), ('store', DatabaseResource())] def setUp(self): super(CachingPermissionAPIWithBrokenCacheTest, self).setUp() self.system = createSystemData() UserAPI().create([(u'username', u'password', u'User', u'*****@*****.**')]) self.user = getUser(u'username') self.permissions = CachingPermissionAPI(self.user)
class SecureUserAPIWithSuperuserRoleTest(FluidinfoTestCase): resources = [('cache', CacheResource()), ('config', ConfigResource()), ('store', DatabaseResource())] def setUp(self): super(SecureUserAPIWithSuperuserRoleTest, self).setUp() self.system = createSystemData() self.users = SecureUserAPI(self.system.users[u'fluiddb']) def testCreateIsAllowed(self): """ L{SecureUserAPI.create} can always be invoked by a L{User} with the L{Role.SUPERUSER}. """ self.users.create([(u'user', u'secret', u'User', u'*****@*****.**')]) user = getUser(u'user') self.assertEqual(u'user', user.username) def testDeleteIsAllowed(self): """ L{SecureUserAPI.delete} can always be invoked by a L{User} with the L{Role.SUPERUSER}. """ UserAPI().create([(u'user', u'secret', u'User', u'*****@*****.**')]) namespaces = SecureNamespaceAPI(self.system.users['fluiddb']) namespaces.delete([u'user/private']) self.users.delete([u'user']) self.assertIdentical(None, getUser(u'user')) def testGetIsAllowed(self): """ L{SecureUserAPI.get} can always be invoked by a L{User} with the L{Role.SUPERUSER}. """ UserAPI().create([(u'user', u'secret', u'User', u'*****@*****.**')]) result = self.users.get([u'user']) self.assertIn(u'user', result) def testSetIsAllowed(self): """ L{SecureUserAPI.set} can always be invoked by a L{User} with the L{Role.SUPERUSER}. """ UserAPI().create([(u'user', u'secret', u'User', u'*****@*****.**')]) user = getUser(u'user') self.users.set([(u'user', u'secret', u'User', u'*****@*****.**', None)]) self.assertEqual(u'*****@*****.**', user.email)
class SecureCommentAPIWithAnonymousRoleTest(FluidinfoTestCase): resources = [('config', ConfigResource()), ('client', IndexResource()), ('store', DatabaseResource())] def setUp(self): super(SecureCommentAPIWithAnonymousRoleTest, self).setUp() system = createSystemData() self.anon = system.users[u'anon'] def testCreateIsDenied(self): """ L{SecureObjectAPI.create} raises a L{PermissionDeniedError} if it's invoked by a L{User} with the L{Role.ANONYMOUS}. """ commentAPI = SecureCommentAPI(self.anon) error = self.assertRaises(PermissionDeniedError, commentAPI.create, 'text...', 'joe') self.assertEqual(self.anon.username, error.username) self.assertEqual( [(u'fluidinfo.com/info/username', Operation.WRITE_TAG_VALUE)], error.pathsAndOperations) def testDeleteIsDenied(self): """ L{SecureObjectAPI.delete} raises a L{PermissionDeniedError} if it's invoked by a L{User} with the L{Role.ANONYMOUS}. """ commentAPI = SecureCommentAPI(self.anon) error = self.assertRaises(PermissionDeniedError, commentAPI.delete, 'digg.com', 'joe', datetime.utcnow()) self.assertEqual(self.anon.username, error.username) self.assertEqual( [(u'fluidinfo.com/info/username', Operation.DELETE_TAG_VALUE)], error.pathsAndOperations) def testUpdateWithAnonymous(self): """ L{SecureObjectAPI.update} raises a L{PermissionDeniedError} if it's invoked by a L{User} with the L{Role.ANONYMOUS}. """ commentAPI = SecureCommentAPI(self.anon) error = self.assertRaises(PermissionDeniedError, commentAPI.update, 'digg.com', 'joe', datetime.utcnow(), u'new') self.assertEqual(self.anon.username, error.username) self.assertEqual( [(u'fluidinfo.com/info/username', Operation.WRITE_TAG_VALUE)], error.pathsAndOperations)
class SecureNamespaceAPITest(NamespaceAPITestMixin, CachingNamespaceAPITestMixin, SecureNamespaceAPITestMixin, FluidinfoTestCase): resources = [('cache', CacheResource()), ('config', ConfigResource()), ('store', DatabaseResource())] def setUp(self): super(SecureNamespaceAPITest, self).setUp() self.system = createSystemData() UserAPI().create([(u'username', u'password', u'User', u'*****@*****.**')]) self.user = getUser(u'username') self.namespaces = SecureNamespaceAPI(self.user) self.permissions = CachingPermissionAPI(self.user)
class ObjectCacheTest(FluidinfoTestCase): resources = [('cache', CacheResource()), ('config', ConfigResource()), ('log', LoggingResource(format='%(message)s'))] def setUp(self): super(ObjectCacheTest, self).setUp() self.objectCache = ObjectCache() def testGetReturnsObjectsInCache(self): """L{ObjectCache.get} returns the objectIDs saved in the cache.""" objectID1 = uuid4() objectID2 = uuid4() self.cache.set(u'about:about1', str(objectID1)) self.cache.set(u'about:about2', str(objectID2)) result = self.objectCache.get([u'about1', u'about2']) expected = {u'about1': objectID1, u'about2': objectID2} self.assertEqual(expected, result.results) self.assertEqual([], result.uncachedValues) def testGetReturnsUncachedValues(self): """ L{ObjectCache.get} returns values not found in the cache in the C{uncachedValues} field of the L{CacheResult} object. """ objectID1 = uuid4() self.cache.set(u'about:about1', str(objectID1)) result = self.objectCache.get([u'about1', u'about2', u'about3']) self.assertEqual({u'about1': objectID1}, result.results) self.assertEqual([u'about2', u'about3'], result.uncachedValues) def testGetWithUnicodeAboutValue(self): """ L{ObjectCache.get} correctly get objectIDs with unicode about values. """ objectID1 = uuid4() self.cache.set(u'about:\N{HIRAGANA LETTER A}', str(objectID1)) result = self.objectCache.get([u'\N{HIRAGANA LETTER A}']) self.assertEqual({u'\N{HIRAGANA LETTER A}': objectID1}, result.results) self.assertEqual([], result.uncachedValues) def testSaveStoresValuesInTheCache(self): """L{ObjectCache.save} stores a result in the cache.""" objectID1 = uuid4() objectID2 = uuid4() self.objectCache.save({u'about1': objectID1, u'about2': objectID2}) self.assertEqual(str(objectID1), self.cache.get('about:about1')) self.assertEqual(str(objectID2), self.cache.get('about:about2'))
class SecureTagAPIWithAnonymousRoleTest(FluidinfoTestCase): resources = [('cache', CacheResource()), ('config', ConfigResource()), ('store', DatabaseResource())] def setUp(self): super(SecureTagAPIWithAnonymousRoleTest, self).setUp() system = createSystemData() self.anon = system.users[u'anon'] UserAPI().create([(u'username', u'password', u'User', u'*****@*****.**')]) self.user = getUser(u'username') self.tags = SecureTagAPI(self.anon) def testCreateIsDenied(self): """ L{SecureTagAPI.create} raises a L{PermissionDeniedError} if its invoked by a L{User} with the L{Role.ANONYMOUS}. """ error = self.assertRaises(PermissionDeniedError, self.tags.create, [(u'user/foo', 'A foo tag')]) self.assertEqual(self.anon.username, error.username) self.assertEqual([('user', Operation.CREATE_NAMESPACE)], error.pathsAndOperations) def testDeleteIsDenied(self): """ L{SecureTagAPI.delete} raises a L{PermissionDeniedError} if its invoked by a L{User} with the L{Role.ANONYMOUS}. """ createTag(self.user, self.user.namespace, u'path') error = self.assertRaises(PermissionDeniedError, self.tags.delete, [u'user/path']) self.assertEqual(self.anon.username, error.username) self.assertEqual([('user/path', Operation.DELETE_TAG)], error.pathsAndOperations) def testSetIsDenied(self): """ L{SecureTagAPI.set} raises a L{PermissionDeniedError} if its invoked by a L{User} with the L{Role.ANONYMOUS}. """ createTag(self.user, self.user.namespace, u'path') error = self.assertRaises(PermissionDeniedError, self.tags.set, {u'user/path': 'A path tag'}) self.assertEqual(self.anon.username, error.username) self.assertEqual([('user/path', Operation.UPDATE_TAG)], error.pathsAndOperations)
class SecureTagValueAPIWithSuperuserRoleTest(FluidinfoTestCase): resources = [('cache', CacheResource()), ('config', ConfigResource()), ('store', DatabaseResource())] def setUp(self): super(SecureTagValueAPIWithSuperuserRoleTest, self).setUp() system = createSystemData() self.superuser = system.users[u'fluiddb'] TagAPI(self.superuser).create([(u'fluiddb/tag', u'description')]) self.tagValues = SecureTagValueAPI(self.superuser) self.permissions = CachingPermissionAPI(self.superuser) def testGetIsAllowed(self): """L{SecureTagValueAPI.get} is always allowed for the superuser.""" objectID = uuid4() values = {objectID: {u'fluiddb/tag': 16}} self.tagValues.set(values) self.permissions.set([(u'fluiddb/tag', Operation.READ_TAG_VALUE, Policy.CLOSED, [])]) result = self.tagValues.get(objectIDs=[objectID], paths=[u'fluiddb/tag']) self.assertEqual(16, result[objectID][u'fluiddb/tag'].value) def testSetIsAllowed(self): """L{SecureTagValueAPI.set} is always allowed for the superuser.""" self.permissions.set([(u'fluiddb/tag', Operation.WRITE_TAG_VALUE, Policy.CLOSED, [])]) objectID = uuid4() values = {objectID: {u'fluiddb/tag': 16}} self.tagValues.set(values) result = self.tagValues.get(objectIDs=[objectID], paths=[u'fluiddb/tag']) self.assertEqual(16, result[objectID][u'fluiddb/tag'].value) def testDeleteIsAllowed(self): """L{SecureTagValueAPI.delete} is always allowed for the superuser.""" self.permissions.set([(u'fluiddb/tag', Operation.DELETE_TAG_VALUE, Policy.CLOSED, [])]) objectID = uuid4() values = {objectID: {u'fluiddb/tag': 16}} self.tagValues.set(values) self.tagValues.delete([(objectID, u'fluiddb/tag')]) result = self.tagValues.get(objectIDs=[objectID], paths=[u'fluiddb/tag']) self.assertEqual({}, result)
class FacadeCheckerTest(FluidinfoTestCase): resources = [('cache', CacheResource()), ('config', ConfigResource()), ('log', LoggingResource()), ('store', DatabaseResource()), ('threadPool', ThreadPoolResource())] def setUp(self): super(FacadeCheckerTest, self).setUp() factory = FluidinfoSessionFactory('API-9000') transact = Transact(self.threadPool) createSystemData() self.checker = FacadeChecker() self.checker.facadeClient = Facade(transact, factory) def testRequestAvatarIdWithIncorrectPassword(self): """ L{FacadeChecker.requestAvatarId} when passed credentials with an incorrect password must raise C{UnauthorizedLogin}. """ createUser(u'user', u'pass', u'User', u'*****@*****.**') self.store.commit() credentials = UsernamePassword('user', 'bad password') deferred = self.checker.requestAvatarId(credentials) return self.assertFailure(deferred, UnauthorizedLogin) def testRequestAvatarIdWithNonExistentUser(self): """ L{FacadeChecker.requestAvatarId} when passed credentials with a non-existent user must raise C{UnauthorizedLogin}. """ credentials = UsernamePassword('user', 'pass') deferred = self.checker.requestAvatarId(credentials) return self.assertFailure(deferred, UnauthorizedLogin) @inlineCallbacks def testRequestAvatarId(self): """ L{FacadeChecker.requestAvatarId} when passed credentials creates a L{FluidinfoSession} for the authenticated user only if credentials are correct. """ user = createUser(u'user', u'pass', u'User', u'*****@*****.**') self.store.commit() credentials = UsernamePassword('user', 'pass') session = yield self.checker.requestAvatarId(credentials) self.assertEqual(user.username, session.auth.username) self.assertEqual(user.objectID, session.auth.objectID)
class SecureObjectAPIWithBrokenCacheTest(ObjectAPITestMixin, SecureObjectAPITestMixin, FluidinfoTestCase): resources = [('cache', BrokenCacheResource()), ('client', IndexResource()), ('config', ConfigResource()), ('log', LoggingResource()), ('store', DatabaseResource())] def setUp(self): super(SecureObjectAPIWithBrokenCacheTest, self).setUp() self.system = createSystemData() UserAPI().create([(u'user', u'password', u'User', u'*****@*****.**')]) self.user = getUser(u'user') self.objects = SecureObjectAPI(self.user)
class BuildIndexTest(FluidinfoTestCase): resources = [('client', IndexResource()), ('config', ConfigResource()), ('store', DatabaseResource())] @inlineCallbacks def testBuildIndexWithoutData(self): """L{buildIndex} is effectively a no-op if the main store is empty.""" with open(os.devnull, 'w') as stream: yield buildIndex(self.client.url, stream=stream) response = yield self.client.search('*:*') self.assertEqual([], response.results.docs) @inlineCallbacks def testBuildIndexWithDirtyIndex(self): """ L{buildIndex} raises a C{RuntimeError} if the Solr index already contains documents. """ objectID = uuid4() index = ObjectIndex(self.client) yield index.update({objectID: {u'test/tag': 42}}) yield self.client.commit() yield self.assertFailure(buildIndex(self.client.url), RuntimeError) @inlineCallbacks def testBuildIndex(self): """ L{buildIndex} creates documents for all tags values in the main store. """ user = createUser(u'username', u'secret', u'User', u'*****@*****.**') namespace = createNamespace(user, u'username', None) tag = createTag(user, namespace, u'tag') objectID1 = uuid4() objectID2 = uuid4() createTagValue(user.id, tag.id, objectID1, 42) createTagValue(user.id, tag.id, objectID2, 65) with open(os.devnull, 'w') as stream: yield buildIndex(self.client.url, stream=stream) response = yield self.client.search('*:*') self.assertEqual( sorted([{ u'fluiddb/id': str(objectID1) }, { u'fluiddb/id': str(objectID2) }]), sorted(response.results.docs))