def test_with_and_without_uuid(self):
c_with_uuid = fake_profile.FakeProfileConfig().uuid()
c_without_uuid = fake_profile.FakeProfileConfig()
a = fake_profile.FakeUser(seed=23, config=c_with_uuid)
assert a.uuid.value is not None
b = fake_profile.FakeUser(seed=23, config=c_without_uuid)
assert b.uuid.value is None
def test_null_create_profile(self):
empty_profile = profile.User()
create_profile = fake_profile.FakeUser(
seed=1337,
config=fake_profile.FakeProfileConfig().default().create())
update_profile = fake_profile.FakeUser(
seed=1337, config=fake_profile.FakeProfileConfig().default())
with pytest.raises(exceptions.PublisherVerificationFailure):
update_profile.verify_all_publishers(empty_profile)
assert create_profile.verify_all_publishers(empty_profile) is True
assert update_profile.verify_all_publishers(create_profile) is True
def test_flask_graphql_query(self):
fake_user = fake_profile.FakeUser(seed=1337)
class Query(graphene.ObjectType):
profile = graphene.Field(cis_g.Profile,
user_id=graphene.String(required=True))
def resolve_profile(self, info, user_id):
if fake_user.user_id.value == user_id:
return fake_user
# The following code may be used to test for scopes in the JWT token
# However, we're not doing this right now (and we may never need it, but if we do, it's here!)
# See fake_auth0.py in cis modules
# f = FakeBearer()
# token = f.generate_bearer_without_scope()
# app.get(... headers={
# 'Authorization': 'Bearer ' + token
# },
app = fake_flask_app.app
fake_flask_app.add_rule(Query)
app.testing = True
app = app.test_client()
payload = 'query {{profile (user_id:"{}") {{first_name{{value}}}}}}'.format(
fake_user.user_id.value)
result = app.get("/graphql?query={}".format(payload),
follow_redirects=True)
assert result.status_code == 200
response = json.loads(result.get_data())
assert response.get("errors") is None
assert response["data"]["profile"]["first_name"][
"value"] == fake_user.first_name.value
def setup(self):
os.environ["CIS_CONFIG_INI"] = "tests/fixture/mozilla-cis.ini"
self.config = get_config()
from cis_profile import WellKnown
from cis_identity_vault import vault
os.environ["CIS_CONFIG_INI"] = "tests/fixture/mozilla-cis.ini"
well_known = WellKnown()
self.well_known_json = well_known.get_well_known()
self.dynamodb_client = boto3.client(
"dynamodb", region_name="us-west-2", aws_access_key_id="ak", aws_secret_access_key="sk"
)
self.dynamodb_resource = boto3.resource(
"dynamodb", region_name="us-west-2", aws_access_key_id="ak", aws_secret_access_key="sk"
)
self.vault_client = vault.IdentityVault()
self.vault_client.boto_session = Stubber(boto3.session.Session(region_name="us-west-2")).client
self.vault_client.dynamodb_client = self.dynamodb_client
self.vault_client.find_or_create()
self.table = self.dynamodb_resource.Table("testing-identity-vault")
self.mr_mozilla_profile = fake_profile.FakeUser(seed=1337).as_dict()
from cis_identity_vault.models import user
vault_interface = user.Profile(self.table, self.dynamodb_client, False)
vault_interface.create(profile_to_vault_structure(user_profile=self.mr_mozilla_profile))
self.mr_mozilla_change_event = kinesis_event_generate(self.mr_mozilla_profile)
def test_fake_dynamo_flat_dict_output(self):
# This profile must have ldap groups and staff data
p = fake_profile.FakeUser(seed=44)
ddb = p.as_dynamo_flat_dict()
deserializer = TypeDeserializer()
res = {k: deserializer.deserialize(v) for k, v in ddb.items()}
assert len(res["access_information"]["ldap"]) > 0
assert len(res["staff_information"]["office_location"]) > 0
def test_fake_user(self):
u = fake_profile.FakeUser()
print(u.user_id.value)
j = u.as_json()
d = u.as_dict()
assert j is not None
assert d is not None
assert u.user_id.value is not None
u.validate()
def test_null_create_profile(self):
empty_profile = profile.User()
create_profile = fake_profile.FakeUser(
seed=1337,
config=fake_profile.FakeProfileConfig().default().minimal().create(
).no_display())
update_profile = fake_profile.FakeUser(
seed=1337,
config=fake_profile.FakeProfileConfig().minimal().default(
).no_display())
update_profile.uuid = create_profile.uuid
update_profile.user_id = create_profile.user_id
update_profile.primary_username.value = "test" # invalid because default publisher is cis
update_profile.primary_username.signature.publisher.name = "mozilliansorg"
with pytest.raises(exceptions.PublisherVerificationFailure):
update_profile.verify_all_publishers(empty_profile)
assert create_profile.verify_all_publishers(empty_profile) is True
assert update_profile.verify_all_publishers(create_profile) is True
def setup(self):
os.environ[
"CIS_DISCOVERY_URL"] = "https://auth.allizom.org/.well-known/mozilla-iam"
self.helper_configuration = helpers.Configuration()
self.null_user = profile.User()
u = fake_profile.FakeUser(
config=fake_profile.FakeProfileConfig().default().create())
u.uuid = self.null_user.uuid
u.primary_username = self.null_user.primary_username
u = self.helper_configuration.ensure_appropriate_publishers_and_sign(
fake_profile=u, condition="create")
u.verify_all_publishers(profile.User(user_structure_json=None))
self.durable_profile = u.as_json()
def test_publishing_stream_not_found(self):
from cis_publisher import operation
o = operation.Publish()
profile_json = fake_profile.FakeUser().as_dict()
# send to kinesis
o._connect()
o.kinesis_client["arn"] = "foo/foo"
result = o.to_stream(profile_json)
assert result.get("status_code") == 500
assert result.get("sequence_number") is None
def test_super_weird_parititon_key(self):
from cis_publisher import operation
o = operation.Publish()
os.environ["CIS_CONFIG_INI"] = "tests/mozilla-cis-bad.ini"
# open the full-profile
profile_json = fake_profile.FakeUser().as_dict()
# send to kinesis
o._connect()
result = o.to_stream(profile_json)
assert result.get("status_code") == 200
assert result.get("sequence_number") is not None
def test_batch_publishing(self):
from cis_publisher import operation
o = operation.Publish()
os.environ["CIS_CONFIG_INI"] = "tests/mozilla-cis-bad.ini"
profiles = []
for x in range(0, 10):
profiles.append(fake_profile.FakeUser().as_dict())
# send to kinesis
o._connect()
results = o.to_stream_batch(profiles)
for result in results:
assert result["sequence_number"] is not None
assert result["status_code"] is not None
def test_publishing_it_should_succeed(self):
from cis_publisher import operation
o = operation.Publish()
# open the full-profile
profile_json = fake_profile.FakeUser().as_dict()
# modify an attribute
profile_json["last_name"]["value"] = "AFakeLastName"
# send to kinesis
result = o.to_stream(profile_json)
assert result.get("status_code") == 200
assert result.get("sequence_number") is not None
def test_publishing_it_should_fail(self):
from cis_publisher import operation
o = operation.Publish()
# open the full-profile
profile_json = fake_profile.FakeUser().as_dict()
# modify an attribute
profile_json["last_name"]["value"] = ["ImBadDataandICannotlie"]
# send to kinesis
result = o.to_stream(profile_json)
assert result.get("status_code") == 400
assert result.get("sequence_number") is None
def test_graphql_gdict_as_argument(self):
fake_user = fake_profile.FakeUser(seed=1337)
class Query(graphene.ObjectType):
profile = graphene.Field(cis_g.Profile, tags=cis_g.GDict())
def resolve_profile(self, info, tags):
if fake_user.tags["values"] == tags:
return fake_user
schema = graphene.Schema(Query, auto_camelcase=False)
result = schema.execute(
"query getProfile($tags: GDict!) {profile(tags:$tags) {uuid{value}}}",
variables={"tags": json.dumps(fake_user.tags["values"])},
)
assert result.errors is None
assert result.data["profile"]["uuid"]["value"] == fake_user.uuid.value
def test_publishing_a_profile_it_should_be_accepted():
u = fake_profile.FakeUser()
json_payload = u.as_json()
wk = WellKnown()
jsonschema.validate(json.loads(json_payload), wk.get_schema())
access_token = exchange_for_access_token()
conn = http.client.HTTPSConnection(base_url)
logger.info('Attempting connection for: {}'.format(base_url))
headers = {
"authorization": "Bearer {}".format(access_token),
"Content-type": "application/json"
}
conn.request("POST", "/v2/user", json_payload, headers=headers)
res = conn.getresponse()
data = res.read()
print(data)
assert 0
assert data is not None
def test_graphql_query(self):
fake_user = fake_profile.FakeUser(seed=1337)
class Query(graphene.ObjectType):
profile = graphene.Field(cis_g.Profile,
user_id=graphene.String(required=True))
def resolve_profile(self, info, user_id):
if fake_user.user_id.value == user_id:
return fake_user
schema = graphene.Schema(Query, auto_camelcase=False)
result = schema.execute(
"query getProfile($user_id: String!) {profile(user_id:$user_id) {uuid{value}}}",
variables={"user_id": fake_user.user_id.value},
)
assert result.errors is None
assert result.data["profile"]["uuid"]["value"] == fake_user.uuid.value
def test_new_user_scenario(self, verify_sigs, verify_pubs):
verify_sigs.return_value = False
verify_pubs.return_value = True
os.environ["CIS_PROCESSOR_VERIFY_SIGNATURES"] = "True"
new_user_profile = fake_profile.FakeUser().as_dict()
new_user_profile["user_id"]["value"] = "harrypotter"
kinesis_event = kinesis_event_generate(new_user_profile)
from cis_processor import operation
for kinesis_record in kinesis_event["Records"]:
base_operation = operation.BaseProcessor(
event_record=kinesis_record, dynamodb_client=self.dynamodb_client, dynamodb_table=self.table
)
base_operation._load_profiles()
needs_integration = base_operation.needs_integration(
base_operation.profiles["new_profile"], base_operation.profiles["old_profile"]
)
assert needs_integration is True
assert (
base_operation.profiles["new_profile"].verify_all_publishers(base_operation.profiles["old_profile"])
is True
)
assert base_operation.process() is False
def test_same_fake_user(self):
a = fake_profile.FakeUser(seed=1337)
b = fake_profile.FakeUser(seed=1337)
c = fake_profile.FakeUser(seed=23)
assert a.uuid.value == b.uuid.value
assert a.uuid.value != c.uuid.value
