def test_update_session(self): """ Verify that accessing a session after one day updates the sessions 'last_visit' variable so that the session doesn't get purged. """ now = time.time() # Make sure the session has data so that it doesn't get dropped cursor = self.db.cursor() cursor.executemany("INSERT INTO session VALUES ('123456', 0, %s, %s)", [('last_visit', int(now - UPDATE_INTERVAL - 3600)), ('foo', 'bar')]) incookie = Cookie() incookie['trac_session'] = '123456' outcookie = Cookie() req = Mock(authname='anonymous', cgi_location='/', incookie=incookie, outcookie=outcookie) session = Session(self.env, req) session.save() # updating should not require modifications self.assertEqual(PURGE_AGE, outcookie['trac_session']['expires']) cursor.execute("SELECT var_value FROM session WHERE sid='123456' AND " "authenticated=0 AND var_name='last_visit'") self.assertAlmostEqual(now, int(cursor.fetchone()[0]), -1)
def test_authenticated_session_independence_var(self): """ Verify that an anonymous session with the same name as an authenticated session doesn't interfere with the latter. """ cursor = self.db.cursor() cursor.execute("INSERT INTO session VALUES ('john', 1, 0)") cursor.execute("INSERT INTO session_attribute VALUES " "('john', 1, 'foo', 'bar')") cursor.execute("SELECT value FROM session_attribute " "WHERE sid='john' AND authenticated=1 AND name='foo'") self.assertEqual('bar', cursor.fetchone()[0]) incookie = Cookie() incookie['trac_session'] = 'john' req = Mock(authname='anonymous', base_path='/', incookie=incookie, outcookie=Cookie()) session = Session(self.env, req) self.assert_('foo' not in session) session['foo'] = 'baz' session.save() cursor.execute("SELECT value FROM session_attribute " "WHERE sid='john' AND authenticated=1 AND name='foo'") rows = cursor.fetchall() self.assertEqual(1, len(rows)) self.assertEqual('bar', rows[0][0]) cursor.execute("SELECT value FROM session_attribute " "WHERE sid='john' AND authenticated=0 AND name='foo'") rows = cursor.fetchall() self.assertEqual(1, len(rows)) self.assertEqual('baz', rows[0][0])
def test_update_session(self): """ Verify that accessing a session after one day updates the sessions 'last_visit' variable so that the session doesn't get purged. """ now = time.time() # Make sure the session has data so that it doesn't get dropped cursor = self.db.cursor() cursor.execute("INSERT INTO session VALUES ('123456', 0, 1)") cursor.execute("INSERT INTO session_attribute VALUES " "('123456', 0, 'foo', 'bar')") incookie = Cookie() incookie['trac_session'] = '123456' outcookie = Cookie() req = Mock(authname='anonymous', base_path='/', incookie=incookie, outcookie=outcookie) session = Session(self.env, req) session.save() # updating should not require modifications self.assertEqual(PURGE_AGE, outcookie['trac_session']['expires']) cursor.execute("SELECT last_visit FROM session WHERE sid='123456' AND " "authenticated=0") self.assertAlmostEqual(now, int(cursor.fetchone()[0]), -1)
def _purge_anonymous_session(self): now = int(time_now()) lifetime = 90 * 86400 # default lifetime with self.env.db_transaction as db: db.executemany("INSERT INTO session VALUES (%s, 0, %s)", [('123456', 0), ('987654', now - lifetime - 3600), ('876543', now - lifetime + 3600), ('765432', now - 3600)]) db.executemany( """ INSERT INTO session_attribute VALUES (%s, 0, 'foo', 'bar') """, [('987654', ), ('876543', ), ('765432', )]) with self.env.db_transaction as db: # We need to modify a different session to trigger the purging req = MockRequest(self.env, authname='anonymous') req.incookie['trac_session'] = '123456' session = Session(self.env, req) session['foo'] = 'bar' session.save() return [ row[0] for row in self.env.db_query(""" SELECT sid FROM session WHERE authenticated=0 ORDER BY sid """) ]
def test_purge_anonymous_session(self): """ Verify that old sessions get purged. """ with self.env.db_transaction as db: db("INSERT INTO session VALUES ('123456', 0, %s)", (0,)) db("INSERT INTO session VALUES ('987654', 0, %s)", (int(time.time() - PURGE_AGE - 3600),)) db(""" INSERT INTO session_attribute VALUES ('987654', 0, 'foo', 'bar') """) # We need to modify a different session to trigger the purging incookie = Cookie() incookie['trac_session'] = '123456' req = Mock(authname='anonymous', base_path='/', incookie=incookie, outcookie=Cookie()) session = Session(self.env, req) session['foo'] = 'bar' session.save() self.assertEqual(0, self.env.db_query(""" SELECT COUNT(*) FROM session WHERE sid='987654' AND authenticated=0 """)[0][0])
def test_change_anonymous_session(self): """ Verify that changing from one anonymous session to an inexisting anonymous session creates the new session and doesn't carry over variables from the previous session. """ with self.env.db_transaction as db: db("INSERT INTO session VALUES ('123456', 0, 0)") db(""" INSERT INTO session_attribute VALUES ('123456', 0, 'foo', 'bar') """) incookie = Cookie() incookie['trac_session'] = '123456' req = Mock(authname='anonymous', base_path='/', incookie=incookie, outcookie=Cookie()) session = Session(self.env, req) self.assertEqual({'foo': 'bar'}, session) session.get_session('7890') session['baz'] = 'moo' session.save() self.assertEqual({'baz': 'moo'}, session) with self.env.db_query as db: self.assertEqual(1, db(""" SELECT COUNT(*) FROM session WHERE sid='7890' AND authenticated=0 """)[0][0]) self.assertEqual([('baz', 'moo')], db(""" SELECT name, value FROM session_attribute WHERE sid='7890' AND authenticated=0 """))
def test_delete_empty_session(self): """ Verify that a session gets deleted when it doesn't have any data except for the 'last_visit' timestamp. """ now = time.time() # Make sure the session has data so that it doesn't get dropped cursor = self.db.cursor() cursor.execute("INSERT INTO session " "VALUES ('123456', 0, %s)", (int(now - UPDATE_INTERVAL - 3600),)) cursor.execute("INSERT INTO session_attribute VALUES " "('123456', 0, 'foo', 'bar')") incookie = Cookie() incookie['trac_session'] = '123456' req = Mock(authname='anonymous', base_path='/', incookie=incookie, outcookie=Cookie()) session = Session(self.env, req) del session['foo'] session.save() cursor.execute("SELECT COUNT(*) FROM session WHERE sid='123456' AND " "authenticated=0") self.assertEqual(0, cursor.fetchone()[0])
def test_purge_anonymous_session(self): """ Verify that old sessions get purged. """ cursor = self.db.cursor() cursor.execute("INSERT INTO session " "VALUES ('123456', 0, %s)", (0,)) cursor.execute("INSERT INTO session " "VALUES ('987654', 0, %s)", (int(time.time() - PURGE_AGE - 3600),)) cursor.execute("INSERT INTO session_attribute VALUES " "('987654', 0, 'foo', 'bar')") # We need to modify a different session to trigger the purging incookie = Cookie() incookie['trac_session'] = '123456' req = Mock(authname='anonymous', base_path='/', incookie=incookie, outcookie=Cookie()) session = Session(self.env, req) session['foo'] = 'bar' session.save() cursor.execute("SELECT COUNT(*) FROM session WHERE sid='987654' AND " "authenticated=0") self.assertEqual(0, cursor.fetchone()[0])
def test_delete_empty_session(self): """ Verify that a session gets deleted when it doesn't have any data except for the 'last_visit' timestamp. """ now = time.time() # Make sure the session has data so that it doesn't get dropped with self.env.db_transaction as db: db("INSERT INTO session VALUES ('123456', 0, %s)", (int(now - UPDATE_INTERVAL - 3600), )) db(""" INSERT INTO session_attribute VALUES ('123456', 0, 'foo', 'bar') """) incookie = Cookie() incookie['trac_session'] = '123456' req = Mock(authname='anonymous', base_path='/', incookie=incookie, outcookie=Cookie()) session = Session(self.env, req) del session['foo'] session.save() self.assertEqual( 0, self.env.db_query(""" SELECT COUNT(*) FROM session WHERE sid='123456' AND authenticated=0 """)[0][0])
def test_purge_anonymous_session(self): """ Verify that old sessions get purged. """ with self.env.db_transaction as db: db("INSERT INTO session VALUES ('123456', 0, %s)", (0, )) db("INSERT INTO session VALUES ('987654', 0, %s)", (int(time.time() - PURGE_AGE - 3600), )) db(""" INSERT INTO session_attribute VALUES ('987654', 0, 'foo', 'bar') """) # We need to modify a different session to trigger the purging incookie = Cookie() incookie['trac_session'] = '123456' req = Mock(authname='anonymous', base_path='/', incookie=incookie, outcookie=Cookie()) session = Session(self.env, req) session['foo'] = 'bar' session.save() self.assertEqual( 0, self.env.db_query(""" SELECT COUNT(*) FROM session WHERE sid='987654' AND authenticated=0 """)[0][0])
def test_update_session(self): """ Verify that accessing a session after one day updates the sessions 'last_visit' variable so that the session doesn't get purged. """ now = time.time() # Make sure the session has data so that it doesn't get dropped with self.env.db_transaction as db: db("INSERT INTO session VALUES ('123456', 0, 1)") db(""" INSERT INTO session_attribute VALUES ('123456', 0, 'foo', 'bar') """) incookie = Cookie() incookie['trac_session'] = '123456' outcookie = Cookie() req = Mock(authname='anonymous', base_path='/', incookie=incookie, outcookie=outcookie) session = Session(self.env, req) session['modified'] = True session.save() # updating does require modifications self.assertEqual(PURGE_AGE, outcookie['trac_session']['expires']) self.assertAlmostEqual( now, int( self.env.db_query(""" SELECT last_visit FROM session WHERE sid='123456' AND authenticated=0 """)[0][0]), -1)
def test_delete_anonymous_session_var(self): """ Verify that modifying a variable updates the 'session' table accordingly for an anonymous session. """ with self.env.db_transaction as db: db("INSERT INTO session VALUES ('123456', 0, 0)") db( """ INSERT INTO session_attribute VALUES ('123456', 0, 'foo', 'bar') """ ) incookie = Cookie() incookie["trac_session"] = "123456" req = Mock(authname="anonymous", base_path="/", incookie=incookie, outcookie=Cookie()) session = Session(self.env, req) self.assertEqual("bar", session["foo"]) del session["foo"] session.save() self.assertEqual( 0, self.env.db_query( """ SELECT COUNT(*) FROM session_attribute WHERE sid='123456' AND name='foo' """ )[0][0], )
def test_change_anonymous_session(self): """ Verify that changing from one anonymous session to an inexisting anonymous session creates the new session and doesn't carry over variables from the previous session. """ cursor = self.db.cursor() cursor.execute("INSERT INTO session VALUES ('123456', 0, 0)") cursor.execute("INSERT INTO session_attribute VALUES " "('123456', 0, 'foo', 'bar')") incookie = Cookie() incookie['trac_session'] = '123456' req = Mock(authname='anonymous', base_path='/', incookie=incookie, outcookie=Cookie()) session = Session(self.env, req) self.assertEqual({'foo': 'bar'}, session) session.get_session('7890') session['baz'] = 'moo' session.save() self.assertEqual({'baz': 'moo'}, session) cursor.execute("SELECT COUNT(*) FROM session WHERE sid='7890' AND " "authenticated=0") self.assertEqual(1, cursor.fetchone()[0]) cursor.execute("SELECT name, value FROM session_attribute " "WHERE sid='7890' AND authenticated=0") self.assertEqual([('baz', 'moo')], cursor.fetchall())
def test_delete_empty_session(self): """ Verify that a session gets deleted when it doesn't have any data except for the 'last_visit' timestamp. """ now = time.time() # Make sure the session has data so that it doesn't get dropped with self.env.db_transaction as db: db("INSERT INTO session VALUES ('123456', 0, %s)", (int(now - UPDATE_INTERVAL - 3600),)) db(""" INSERT INTO session_attribute VALUES ('123456', 0, 'foo', 'bar') """) incookie = Cookie() incookie['trac_session'] = '123456' req = Mock(authname='anonymous', base_path='/', incookie=incookie, outcookie=Cookie()) session = Session(self.env, req) del session['foo'] session.save() self.assertEqual(0, self.env.db_query(""" SELECT COUNT(*) FROM session WHERE sid='123456' AND authenticated=0 """)[0][0])
def test_delete_anonymous_session_var(self): """ Verify that modifying a variable updates the 'session' table accordingly for an anonymous session. """ with self.env.db_transaction as db: db("INSERT INTO session VALUES ('123456', 0, 0)") db(""" INSERT INTO session_attribute VALUES ('123456', 0, 'foo', 'bar') """) incookie = Cookie() incookie['trac_session'] = '123456' req = Mock(authname='anonymous', base_path='/', incookie=incookie, outcookie=Cookie()) session = Session(self.env, req) self.assertEqual('bar', session['foo']) del session['foo'] session.save() self.assertEqual( 0, self.env.db_query(""" SELECT COUNT(*) FROM session_attribute WHERE sid='123456' AND name='foo' """)[0][0])
def test_update_session(self): """ Verify that accessing a session after one day updates the sessions 'last_visit' variable so that the session doesn't get purged. """ now = time.time() # Make sure the session has data so that it doesn't get dropped with self.env.db_transaction as db: db("INSERT INTO session VALUES ('123456', 0, 1)") db(""" INSERT INTO session_attribute VALUES ('123456', 0, 'foo', 'bar') """) incookie = Cookie() incookie['trac_session'] = '123456' outcookie = Cookie() req = Mock(authname='anonymous', base_path='/', incookie=incookie, outcookie=outcookie) session = Session(self.env, req) session['modified'] = True session.save() # updating does require modifications self.assertEqual(PURGE_AGE, outcookie['trac_session']['expires']) self.assertAlmostEqual(now, int(self.env.db_query(""" SELECT last_visit FROM session WHERE sid='123456' AND authenticated=0 """)[0][0]), -1)
def test_purge_anonymous_session(self): """ Verify that old sessions get purged. """ cursor = self.db.cursor() cursor.execute("INSERT INTO session " "VALUES ('123456', 0, %s)", (0, )) cursor.execute("INSERT INTO session " "VALUES ('987654', 0, %s)", (int(time.time() - PURGE_AGE - 3600), )) cursor.execute("INSERT INTO session_attribute VALUES " "('987654', 0, 'foo', 'bar')") # We need to modify a different session to trigger the purging incookie = Cookie() incookie['trac_session'] = '123456' req = Mock(authname='anonymous', base_path='/', incookie=incookie, outcookie=Cookie()) session = Session(self.env, req) session['foo'] = 'bar' session.save() cursor.execute("SELECT COUNT(*) FROM session WHERE sid='987654' AND " "authenticated=0") self.assertEqual(0, cursor.fetchone()[0])
def test_delete_empty_session(self): """ Verify that a session gets deleted when it doesn't have any data except for the 'last_visit' timestamp. """ now = time.time() # Make sure the session has data so that it doesn't get dropped cursor = self.db.cursor() cursor.execute("INSERT INTO session " "VALUES ('123456', 0, %s)", (int(now - UPDATE_INTERVAL - 3600), )) cursor.execute("INSERT INTO session_attribute VALUES " "('123456', 0, 'foo', 'bar')") incookie = Cookie() incookie['trac_session'] = '123456' req = Mock(authname='anonymous', base_path='/', incookie=incookie, outcookie=Cookie()) session = Session(self.env, req) del session['foo'] session.save() cursor.execute("SELECT COUNT(*) FROM session WHERE sid='123456' AND " "authenticated=0") self.assertEqual(0, cursor.fetchone()[0])
def test_authenticated_session_independence_var(self): """ Verify that an anonymous session with the same name as an authenticated session doesn't interfere with the latter. """ with self.env.db_transaction as db: db("INSERT INTO session VALUES ('john', 1, 0)") db("INSERT INTO session_attribute VALUES ('john',1,'foo','bar')") self.assertEqual('bar', self.env.db_query(""" SELECT value FROM session_attribute WHERE sid='john' AND authenticated=1 AND name='foo' """)[0][0]) incookie = Cookie() incookie['trac_session'] = 'john' req = Mock(authname='anonymous', base_path='/', incookie=incookie, outcookie=Cookie()) session = Session(self.env, req) self.assert_('foo' not in session) session['foo'] = 'baz' session.save() rows = self.env.db_query(""" SELECT value FROM session_attribute WHERE sid='john' AND authenticated=1 AND name='foo' """) self.assertEqual(1, len(rows)) self.assertEqual('bar', rows[0][0]) rows = self.env.db_query(""" SELECT value FROM session_attribute WHERE sid='john' AND authenticated=0 AND name='foo' """) self.assertEqual(1, len(rows)) self.assertEqual('baz', rows[0][0])
def _test_authenticated_session(self, username): """ Verifies that a session cookie does not get used if the user is logged in, and that Trac expires the cookie. """ req = MockRequest(self.env, authname=username) req.incookie['trac_session'] = '123456' session = Session(self.env, req) self.assertEqual(username, session.sid) session['foo'] = 'bar' session.save() self.assertEqual(0, req.outcookie['trac_session']['expires'])
def _test_authenticated_session(self, username, fullname, email): """ Verifies that a session cookie does not get used if the user is logged in, and that Trac expires the cookie. """ req = MockRequest(self.env, authname=username) req.incookie['trac_session'] = '123456' session = Session(self.env, req) self.assertEqual(username, session.sid) session['email'] = email session['name'] = fullname session.save()
def test_add_authenticated_session_var(self): """ Verify that new variables are inserted into the 'session' table in the database for an authenticted session. """ req = Mock(authname='john', cgi_location='/', incookie=Cookie()) session = Session(self.env, req) session['foo'] = 'bar' session.save() cursor = self.db.cursor() cursor.execute("SELECT var_value FROM session WHERE sid='john' AND " "authenticated=1 AND var_name='foo'") self.assertEqual('bar', cursor.fetchone()[0])
def test_add_anonymous_session_var(self): """ Verify that new variables are inserted into the 'session' table in the database for an anonymous session. """ incookie = Cookie() incookie["trac_session"] = "123456" req = Mock(authname="anonymous", base_path="/", incookie=incookie, outcookie=Cookie()) session = Session(self.env, req) session["foo"] = "bar" session.save() self.assertEqual("bar", self.env.db_query("SELECT value FROM session_attribute WHERE sid='123456'")[0][0])
def test_add_anonymous_session_var(self): """ Verify that new variables are inserted into the 'session' table in the database for an anonymous session. """ req = MockRequest(self.env, authname='anonymous') req.incookie['trac_session'] = '123456' session = Session(self.env, req) session['foo'] = 'bar' session.save() self.assertEqual('bar', self.env.db_query( "SELECT value FROM session_attribute WHERE sid='123456'")[0][0])
def test_add_authenticated_session_var(self): """ Verify that new variables are inserted into the 'session' table in the database for an authenticated session. """ req = Mock(authname='john', base_path='/', incookie=Cookie()) session = Session(self.env, req) session['foo'] = 'bar' session.save() self.assertEqual('bar', self.env.db_query(""" SELECT value FROM session_attribute WHERE sid='john' AND name='foo' """)[0][0])
def test_authenticated_session(self): """ Verifies that a session cookie does not get used if the user is logged in, and that Trac expires the cookie. """ incookie = Cookie() incookie["trac_session"] = "123456" outcookie = Cookie() req = Mock(authname="john", base_path="/", incookie=incookie, outcookie=outcookie) session = Session(self.env, req) self.assertEqual("john", session.sid) session["foo"] = "bar" session.save() self.assertEquals(0, outcookie["trac_session"]["expires"])
def test_add_anonymous_session_var(self): """ Verify that new variables are inserted into the 'session' table in the database for an anonymous session. """ incookie = Cookie() incookie['trac_session'] = '123456' req = Mock(authname='anonymous', base_path='/', incookie=incookie, outcookie=Cookie()) session = Session(self.env, req) session['foo'] = 'bar' session.save() self.assertEqual('bar', self.env.db_query( "SELECT value FROM session_attribute WHERE sid='123456'")[0][0])
def test_authenticated_session(self): """ Verifies that a session cookie does not get used if the user is logged in, and that Trac expires the cookie. """ incookie = Cookie() incookie['trac_session'] = '123456' outcookie = Cookie() req = Mock(authname='john', base_path='/', incookie=incookie, outcookie=outcookie) session = Session(self.env, req) self.assertEqual('john', session.sid) session['foo'] = 'bar' session.save() self.assertEquals(0, outcookie['trac_session']['expires'])
def test_session_promotion(self): """ Verifies that an existing anonymous session gets promoted to an authenticated session when the user logs in. """ with self.env.db_transaction as db: db("INSERT INTO session VALUES ('123456', 0, 0)") incookie = Cookie() incookie["trac_session"] = "123456" outcookie = Cookie() req = Mock(authname="john", base_path="/", incookie=incookie, outcookie=outcookie) session = Session(self.env, req) self.assertEqual("john", session.sid) session.save() self.assertEqual([("john", 1)], self.env.db_query("SELECT sid, authenticated FROM session"))
def _test_session_promotion(self, username): """ Verifies that an existing anonymous session gets promoted to an authenticated session when the user logs in. """ with self.env.db_transaction as db: db("INSERT INTO session VALUES ('123456', 0, 0)") req = MockRequest(self.env, authname=username) req.incookie['trac_session'] = '123456' session = Session(self.env, req) self.assertEqual(username, session.sid) session.save() self.assertEqual([(username, 1)], self.env.db_query("""SELECT sid, authenticated FROM session WHERE sid=%s""", (username,)))
def _test_new_session_promotion(self, username): """ Verifies that even without a preexisting anonymous session, an authenticated session will be created when the user logs in. (same test as above without the initial INSERT) """ with self.env.db_transaction: req = MockRequest(self.env, authname=username) req.incookie['trac_session'] = '123456' session = Session(self.env, req) self.assertEqual(username, session.sid) session.save() self.assertEqual([(username, 1)], self.env.db_query("""SELECT sid, authenticated FROM session WHERE sid=%s""", (username,)))
def test_delete_authenticated_session_var(self): """ Verify that modifying a variable updates the 'session' table accordingly for an authenticated session. """ cursor = self.db.cursor() cursor.execute("INSERT INTO session VALUES ('john', 1, 'foo', 'bar')") req = Mock(authname='john', cgi_location='/', incookie=Cookie()) session = Session(self.env, req) self.assertEqual('bar', session['foo']) del session['foo'] session.save() cursor.execute("SELECT COUNT(*) FROM session WHERE sid='john' AND " "authenticated=1 AND var_name='foo'") self.assertEqual(0, cursor.fetchone()[0])
def test_new_session_promotion(self): """ Verifies that even without a preexisting anonymous session, an authenticated session will be created when the user logs in. (same test as above without the initial INSERT) """ with self.env.db_transaction as db: incookie = Cookie() incookie["trac_session"] = "123456" outcookie = Cookie() req = Mock(authname="john", base_path="/", incookie=incookie, outcookie=outcookie) session = Session(self.env, req) self.assertEqual("john", session.sid) session.save() self.assertEqual([("john", 1)], self.env.db_query("SELECT sid, authenticated FROM session"))
def _get_session(self, req): try: return Session(self.env, req) except TracError as e: self.log.error("can't retrieve session: %s", exception_to_unicode(e)) return FakeSession()
def test_change_anonymous_session(self): """ Verify that changing from one anonymous session to an inexisting anonymous session creates the new session and doesn't carry over variables from the previous session. """ with self.env.db_transaction as db: db("INSERT INTO session VALUES ('123456', 0, 0)") db( """ INSERT INTO session_attribute VALUES ('123456', 0, 'foo', 'bar') """ ) incookie = Cookie() incookie["trac_session"] = "123456" req = Mock(authname="anonymous", base_path="/", incookie=incookie, outcookie=Cookie()) session = Session(self.env, req) self.assertEqual({"foo": "bar"}, session) session.get_session("7890") session["baz"] = "moo" session.save() self.assertEqual({"baz": "moo"}, session) with self.env.db_query as db: self.assertEqual( 1, db( """ SELECT COUNT(*) FROM session WHERE sid='7890' AND authenticated=0 """ )[0][0], ) self.assertEqual( [("baz", "moo")], db( """ SELECT name, value FROM session_attribute WHERE sid='7890' AND authenticated=0 """ ), )
def test_new_session_promotion(self): """ Verifies that even without a preexisting anonymous session, an authenticated session will be created when the user logs in. (same test as above without the initial INSERT) """ with self.env.db_transaction as db: incookie = Cookie() incookie['trac_session'] = '123456' outcookie = Cookie() req = Mock(authname='john', base_path='/', incookie=incookie, outcookie=outcookie) session = Session(self.env, req) self.assertEqual('john', session.sid) session.save() self.assertEqual([('john', 1)], self.env.db_query( "SELECT sid, authenticated FROM session"))
def test_session_promotion(self): """ Verifies that an existing anonymous session gets promoted to an authenticated session when the user logs in. """ with self.env.db_transaction as db: db("INSERT INTO session VALUES ('123456', 0, 0)") incookie = Cookie() incookie['trac_session'] = '123456' outcookie = Cookie() req = Mock(authname='john', base_path='/', incookie=incookie, outcookie=outcookie) session = Session(self.env, req) self.assertEqual('john', session.sid) session.save() self.assertEqual([('john', 1)], self.env.db_query( "SELECT sid, authenticated FROM session"))
def test_modify_authenticated_session_var(self): """ Verify that modifying an existing variable updates the 'session' table accordingly for an authenticated session. """ with self.env.db_transaction as db: db("INSERT INTO session VALUES ('john', 1, 0)") db("INSERT INTO session_attribute VALUES ('john',1,'foo','bar')") req = Mock(authname='john', base_path='/', incookie=Cookie()) session = Session(self.env, req) self.assertEqual('bar', session['foo']) session['foo'] = 'baz' session.save() self.assertEqual('baz', self.env.db_query(""" SELECT value FROM session_attribute WHERE sid='john' AND name='foo' """)[0][0])
def test_anonymous_session(self): """ Verify that session variables are stored in the database. """ req = MockRequest(self.env, authname='anonymous') req.incookie['trac_session'] = '123456' session = Session(self.env, req) self.assertEqual('123456', session.sid) self.assertNotIn('trac_session', req.outcookie)
def test_delete_authenticated_session_var(self): """ Verify that deleting a variable updates the 'session' table accordingly for an authenticated session. """ cursor = self.db.cursor() cursor.execute("INSERT INTO session VALUES ('john', 1, 0)") cursor.execute("INSERT INTO session_attribute VALUES " "('john', 1, 'foo', 'bar')") req = Mock(authname='john', base_path='/', incookie=Cookie()) session = Session(self.env, req) self.assertEqual('bar', session['foo']) del session['foo'] session.save() cursor.execute("SELECT COUNT(*) FROM session_attribute " "WHERE sid='john' AND name='foo'") self.assertEqual(0, cursor.fetchone()[0])
def test_add_anonymous_session_var(self): """ Verify that new variables are inserted into the 'session' table in the database for an anonymous session. """ incookie = Cookie() incookie['trac_session'] = '123456' req = Mock(authname='anonymous', base_path='/', incookie=incookie, outcookie=Cookie()) session = Session(self.env, req) session['foo'] = 'bar' session.save() cursor = self.db.cursor() cursor.execute( "SELECT value FROM session_attribute WHERE sid='123456'") self.assertEqual('bar', cursor.fetchone()[0])
def test_modify_authenticated_session_var(self): """ Verify that modifying an existing variable updates the 'session' table accordingly for an authenticated session. """ cursor = self.db.cursor() cursor.execute("INSERT INTO session VALUES ('john', 1, 0)") cursor.execute("INSERT INTO session_attribute VALUES " "('john', 1, 'foo', 'bar')") req = Mock(authname='john', base_path='/', incookie=Cookie()) session = Session(self.env, req) self.assertEqual('bar', session['foo']) session['foo'] = 'baz' session.save() cursor.execute("SELECT value FROM session_attribute " "WHERE sid='john' AND name='foo'") self.assertEqual('baz', cursor.fetchone()[0])
def test_session_promotion(self): """ Verifies that an existing anonymous session gets promoted to an authenticated session when the user logs in. """ cursor = self.db.cursor() cursor.execute("INSERT INTO session VALUES ('123456', 0, 0)") incookie = Cookie() incookie['trac_session'] = '123456' outcookie = Cookie() req = Mock(authname='john', base_path='/', incookie=incookie, outcookie=outcookie) session = Session(self.env, req) self.assertEqual('john', session.sid) session.save() cursor.execute("SELECT sid,authenticated FROM session") self.assertEqual(('john', 1), cursor.fetchone()) self.assertEqual(None, cursor.fetchone())
def _get_session(self, req): try: return Session(self.env, req) except TracError as e: msg = "can't retrieve session: %s" if isinstance(e, TracValueError): self.log.warning(msg, e) else: self.log.error(msg, exception_to_unicode(e)) return FakeSession()
def test_modify_anonymous_session_var(self): """ Verify that modifying an existing variable updates the 'session' table accordingly for an anonymous session. """ cursor = self.db.cursor() cursor.execute("INSERT INTO session VALUES ('123456', 0, 0)") cursor.execute("INSERT INTO session_attribute VALUES " "('123456', 0, 'foo', 'bar')") incookie = Cookie() incookie['trac_session'] = '123456' req = Mock(authname='anonymous', base_path='/', incookie=incookie, outcookie=Cookie()) session = Session(self.env, req) self.assertEqual('bar', session['foo']) session['foo'] = 'baz' session.save() cursor.execute("SELECT value FROM session_attribute WHERE sid='123456'") self.assertEqual('baz', cursor.fetchone()[0])
def test_new_session(self): """ Verify that a session cookie gets sent back to the client for a new session. """ req = MockRequest(self.env, authname='anonymous') session = Session(self.env, req) self.assertEqual(session.sid, req.outcookie['trac_session'].value) self.assertEqual(0, self.env.db_query( "SELECT COUNT(*) FROM session")[0][0])
def test_delete_authenticated_session_var(self): """ Verify that deleting a variable updates the 'session' table accordingly for an authenticated session. """ with self.env.db_transaction as db: db("INSERT INTO session VALUES ('john', 1, 0)") db("INSERT INTO session_attribute VALUES ('john', 1, 'foo', 'bar')") req = MockRequest(self.env, authname='john') session = Session(self.env, req) self.assertEqual('bar', session['foo']) del session['foo'] session.save() self.assertEqual(0, self.env.db_query(""" SELECT COUNT(*) FROM session_attribute WHERE sid='john' AND name='foo' """)[0][0])
def test_modify_anonymous_session_var(self): """ Verify that modifying an existing variable updates the 'session' table accordingly for an anonymous session. """ cursor = self.db.cursor() cursor.execute("INSERT INTO session VALUES ('123456', 0, 'foo', 'bar')") incookie = Cookie() incookie['trac_session'] = '123456' req = Mock(authname='anonymous', cgi_location='/', incookie=incookie, outcookie=Cookie()) session = Session(self.env, req) self.assertEqual('bar', session['foo']) session['foo'] = 'baz' session.save() cursor.execute("SELECT var_value FROM session WHERE sid='123456' AND " "authenticated=0 AND var_name='foo'") self.assertEqual('baz', cursor.fetchone()[0])
def _test_session_promotion(self, username): """ Verifies that an existing anonymous session gets promoted to an authenticated session when the user logs in. """ with self.env.db_transaction as db: db("INSERT INTO session VALUES ('123456', 0, 0)") incookie = Cookie() incookie['trac_session'] = '123456' outcookie = Cookie() req = Mock(authname=username, base_path='/', incookie=incookie, outcookie=outcookie) session = Session(self.env, req) self.assertEqual(username, session.sid) session.save() self.assertEqual([(username, 1)], self.env.db_query("""SELECT sid, authenticated FROM session WHERE sid=%s""", (username,)))
def _test_new_session_promotion(self, username): """ Verifies that even without a preexisting anonymous session, an authenticated session will be created when the user logs in. (same test as above without the initial INSERT) """ with self.env.db_transaction: incookie = Cookie() incookie['trac_session'] = '123456' outcookie = Cookie() req = Mock(authname=username, base_path='/', incookie=incookie, outcookie=outcookie) session = Session(self.env, req) self.assertEqual(username, session.sid) session.save() self.assertEqual([(username, 1)], self.env.db_query("""SELECT sid, authenticated FROM session WHERE sid=%s""", (username,)))
def test_new_session_promotion(self): """ Verifies that even without a preexisting anonymous session, an authenticated session will be created when the user logs in. (same test as above without the initial INSERT) """ cursor = self.db.cursor() incookie = Cookie() incookie['trac_session'] = '123456' outcookie = Cookie() req = Mock(authname='john', base_path='/', incookie=incookie, outcookie=outcookie) session = Session(self.env, req) self.assertEqual('john', session.sid) session.save() cursor.execute("SELECT sid,authenticated FROM session") self.assertEqual(('john', 1), cursor.fetchone()) self.assertEqual(None, cursor.fetchone())
def test_modify_anonymous_session_var(self): """ Verify that modifying an existing variable updates the 'session' table accordingly for an anonymous session. """ with self.env.db_transaction as db: db("INSERT INTO session VALUES ('123456', 0, 0)") db(""" INSERT INTO session_attribute VALUES ('123456', 0, 'foo', 'bar') """) incookie = Cookie() incookie['trac_session'] = '123456' req = Mock(authname='anonymous', base_path='/', incookie=incookie, outcookie=Cookie()) session = Session(self.env, req) self.assertEqual('bar', session['foo']) session['foo'] = 'baz' session.save() self.assertEqual('baz', self.env.db_query( "SELECT value FROM session_attribute WHERE sid='123456'")[0][0])
def test_delete_authenticated_session_var(self): """ Verify that deleting a variable updates the 'session' table accordingly for an authenticated session. """ with self.env.db_transaction as db: db("INSERT INTO session VALUES ('john', 1, 0)") db("INSERT INTO session_attribute VALUES ('john', 1, 'foo', 'bar')") req = Mock(authname="john", base_path="/", incookie=Cookie()) session = Session(self.env, req) self.assertEqual("bar", session["foo"]) del session["foo"] session.save() self.assertEqual( 0, self.env.db_query( """ SELECT COUNT(*) FROM session_attribute WHERE sid='john' AND name='foo' """ )[0][0], )
def test_session_change_id_with_invalid_sid(self): cookie = Cookie() req = Mock(incookie=Cookie(), outcookie=cookie, authname='anonymous', base_path='/') session = Session(self.env, req) session.change_sid('0123456789') self.assertEqual('0123456789', session.sid) session.change_sid('abcxyz') self.assertEqual('abcxyz', session.sid) session.change_sid('abc123xyz') self.assertEqual('abc123xyz', session.sid) self.assertRaises(TracError, session.change_sid, 'abc 123 xyz') self.assertRaises(TracError, session.change_sid, 'abc-123-xyz') self.assertRaises(TracError, session.change_sid, 'abc<i>123</i>xyz') self.assertRaises(TracError, session.change_sid, u'abc123xÿz') self.assertRaises(TracError, session.change_sid, u'abc¹₂³xyz') # Unicode digits