def test_password_setter(self):
old_password_hash = generate_password_hash('123456')
user_data = {'password': old_password_hash}
user = User(**user_data)
self.assertEqual(user.password, old_password_hash)
new_password_hash = generate_password_hash('new_pass')
user.password = '******'
self.assertEqual(user.password, new_password_hash)
def test_password_setter(self):
old_password_hash = generate_password_hash('123456')
user_data = {'password': old_password_hash}
user = User(**user_data)
self.assertEqual(user.password, old_password_hash)
new_password_hash = generate_password_hash('new_pass')
user.password = '******'
self.assertEqual(user.password, new_password_hash)
def test_email_setter(self):
old_email = '*****@*****.**'
user_data = {'email': old_email}
user = User(**user_data)
self.assertEqual(user.email, old_email)
new_email = '*****@*****.**'
user.email = new_email
self.assertEqual(user.email, new_email)
self.assertEqual(user.email, new_email)
def test_email_setter(self):
old_email = '*****@*****.**'
user_data = {'email': old_email}
user = User(**user_data)
self.assertEqual(user.email, old_email)
new_email = '*****@*****.**'
user.email = new_email
self.assertEqual(user.email, new_email)
self.assertEqual(user.email, new_email)
def test_permissions_setter_1(self):
user_data = {}
user = User(**user_data)
self.assertEqual(user.permissions, [])
class CanEditUser(object):
pass
permissions = [CanEditUser, ]
user.permissions = permissions
self.assertEqual(user.permissions, permissions)
def test_has_permission(self):
class DeleteAdminPermission(object):
pass
user_data = {
'first_name': 'test',
'last_name': 'user',
'is_user': True,
'password': generate_password_hash('123456'),
'permissions': [DeleteAdminPermission, ]
}
user = User(**user_data)
self.assertTrue(user.has_permission(DeleteAdminPermission))
def test_permissions_setter_1(self):
user_data = {}
user = User(**user_data)
self.assertEqual(user.permissions, [])
class CanEditUser(object):
pass
permissions = [
CanEditUser,
]
user.permissions = permissions
self.assertEqual(user.permissions, permissions)
def test_has_permission_for_inactive_user(self):
class ViewAdminSitePermission(object):
pass
user_data = {
'first_name': 'test',
'last_name': 'user',
'is_active': False,
'is_user': True,
'password': generate_password_hash('123456'),
'permissions': [ViewAdminSitePermission, ]
}
user = User(**user_data)
self.assertFalse(user.has_permission(ViewAdminSitePermission))
def test_has_permission(self):
class DeleteAdminPermission(object):
pass
user_data = {
'first_name': 'test',
'last_name': 'user',
'is_user': True,
'password': generate_password_hash('123456'),
'permissions': [
DeleteAdminPermission,
]
}
user = User(**user_data)
self.assertTrue(user.has_permission(DeleteAdminPermission))
def test_has_permission_for_inactive_user(self):
class ViewAdminSitePermission(object):
pass
user_data = {
'first_name': 'test',
'last_name': 'user',
'is_active': False,
'is_user': True,
'password': generate_password_hash('123456'),
'permissions': [
ViewAdminSitePermission,
]
}
user = User(**user_data)
self.assertFalse(user.has_permission(ViewAdminSitePermission))
def test_permissions_getter_1(self):
class CanViewAdmin(object):
pass
permissions = [
CanViewAdmin,
]
user_data = {'permissions': permissions}
user = User(**user_data)
self.assertEqual(user.permissions, permissions)
def get_user_by_token(self, token):
"""
Get user from the database by passed token.
:param token: token as string.
"""
token_data = self.storage_backend.get(token)
if token_data:
user = self.user_model.get_user_by_token(token_data)
else:
user = User()
return user
def test_authenticate(self):
class TestView(MethodBasedView):
auth_required = True
user = User(is_user=True)
token_data = {'key': 'value'}
raw_token = self.middleware.manager.generate(token_data)
request = Request()
add_property(request, 'user', user)
add_property(request, 'token', raw_token)
view = TestView()
self.assertIsNone(self.middleware.authenticate(request, view))
def test_authenticate_with_permissions(self):
class ViewWithIsAuthenticatedPermission(MethodBasedView):
auth_required = True
permission_classes = (IsAuthenticated, )
user = User(is_user=True)
token_data = {'key': 'value'}
raw_token = self.middleware.manager.generate(token_data)
request = Request()
add_property(request, 'user', user)
add_property(request, 'token', raw_token)
view = ViewWithIsAuthenticatedPermission()
self.assertIsNone(self.middleware.authenticate(request, view))
def init_credentials(self, request):
"""
Getting credentials (user, keys, tokens) from database/cache/etc.
:param request: instance of Request class.
"""
token = getattr(request, 'token', None)
if token:
token_payload = self.manager.verify(token)
user = self.get_user_by_token(token)
else:
token_payload = None
user = User()
add_property(request, 'user', user)
add_property(request, 'token_payload', token_payload)
def get_user_by_token(self, token):
"""
Get user object from the database, based on the his token.
:param token: passed token as a dictionary object.
"""
user_id = token['user_id']
try:
user_row = self.db_manager.execute_sql(SQL_USER_GET,
(user_id, )).fetchone()
if user_row:
user_data = convert_user_raw_data_to_dict(user_row)
else:
user_data = {}
except OperationalError as exc:
logger.error(exc)
user_data = {}
return User(**user_data)
def test_authenticate_with_permissions_and_raise_exception(self):
class CustomPermission(AbstractPermission):
@staticmethod
def check(request, handler):
raise PermissionDeniedException
class ViewWithPermissions(MethodBasedView):
auth_required = True
permission_classes = (CustomPermission, )
user = User(is_user=True)
token_data = {'key': 'value'}
raw_token = self.middleware.manager.generate(token_data)
request = Request()
add_property(request, 'user', user)
add_property(request, 'token', raw_token)
view = ViewWithPermissions()
self.assertRaises(PermissionDeniedException,
self.middleware.authenticate, request, view)
def get_user_by_username(self, username, with_id=False):
"""
Get user by his username from the database.
:param username: username as a string.
:param with_id: boolean flag, which means necessity to append to the
result object primary key of database row or not.
"""
try:
if with_id:
sql = SQL_USER_GET_WITH_ID
else:
sql = SQL_USER_GET_BY_USERNAME
user_row = self.db_manager.execute_sql(
sql, (username, )).fetchone() # NOQA
if user_row:
user_data = convert_user_raw_data_to_dict(user_row, with_id)
else:
user_data = {}
except OperationalError as exc:
logger.error(exc)
user_data = {}
return User(**user_data)
def test_email_getter_2(self):
user_data = {}
user = User(**user_data)
self.assertEqual(user.email, '')
def test_id_getter_1(self):
user_data = {'id': 1}
user = User(**user_data)
self.assertEqual(user.id, 1)
def test_check_invalid_password(self):
password = '******'
password_hash = generate_password_hash(password)
user_data = {'password': password_hash}
user = User(**user_data)
self.assertFalse(user.check_password('password'))
def test_id_getter_2(self):
user_data = {}
user = User(**user_data)
self.assertEqual(user.id, None)
def test_username_getter_2(self):
user_data = {}
user = User(**user_data)
self.assertEqual(user.username, '')
def test_username_getter_1(self):
user_data = {'username': '******'}
user = User(**user_data)
self.assertEqual(user.username, 'admin')
def test_username_setter(self):
user_data = {'username': '******'}
user = User(**user_data)
user.username = '******'
self.assertEqual(user.username, 'new_admin')
def test_username_setter(self):
user_data = {'username': '******'}
user = User(**user_data)
user.username = '******'
self.assertEqual(user.username, 'new_admin')
def test_email_getter_1(self):
user_data = {'email': '*****@*****.**'}
user = User(**user_data)
self.assertEqual(user.email, '*****@*****.**')
def test_permissions_getter_2(self):
user_data = {}
user = User(**user_data)
self.assertEqual(user.permissions, [])
def test_check_invalid_password(self):
password = '******'
password_hash = generate_password_hash(password)
user_data = {'password': password_hash}
user = User(**user_data)
self.assertFalse(user.check_password('password'))
def test_password_getter_1(self):
password_hash = generate_password_hash('123456')
user_data = {'password': password_hash}
user = User(**user_data)
self.assertEqual(user.password, password_hash)
def test_password_getter_2(self):
user_data = {}
user = User(**user_data)
self.assertEqual(user.password, '')