def test_user_token_repr_with_metadata():
ut = UserToken(username='******',
email='*****@*****.**',
avatar='',
metadata={'foo': 'bar'})
assert str(ut) == "crl: {'foo': 'bar'}"
def test_user_token_repr():
ut = UserToken(username='******',
email='*****@*****.**',
avatar='',
metadata={})
assert str(ut) == "crl: {}"
def test_user_token_repr_with_metadata():
ut = UserToken(username='******',
email='*****@*****.**',
photo_url='',
app_meta={'foo': 'bar'})
assert str(ut) == "I'am crl and have user permissions."
def test_only_match_allow_admin():
ut = UserToken(username='******',
email='',
photo_url='',
app_meta={},
user_meta={},
admin=True,
staff=True,
scopes={
'users': {
'actions': ['w']
}
}).to_dict()
pv = PermissionInspector(user={
'req': 'staff',
'match': 'min'
},
rule={
'path': 'scopes.users.actions',
'op': 'in',
'value': 'w'
},
allow_super=False)
assert pv.verify(ut) is False
def test_user_token_from_dict():
expected = UserToken(username='******',
email='*****@*****.**',
photo_url='',
app_meta={'foo': 'bar'})
raw = {
'username': '******',
'email': '*****@*****.**',
'avatar': '',
'metadata': {
'foo': 'bar'
}
}
res = UserToken.from_dict(raw)
assert res == expected
def test_get_permissions_user_2():
ut = UserToken(username='******',
email='',
admin=False,
staff=False,
special='').to_dict()
pv = PermissionInspector()
assert pv.get_user_type(ut) == 'user'
def test_user_token_obj():
ut = UserToken(username='******',
email='*****@*****.**',
avatar='',
metadata={})
assert ut.username == 'crl'
assert ut.email == '*****@*****.**'
assert ut.avatar == ''
assert ut.metadata == {}
def verify(self, token: str):
return UserToken('crl',
'*****@*****.**',
photo_url='',
app_meta={
'bar': 'foo'
},
scopes={
'bar': 'foo'
}).to_dict()
def test_user_token_obj():
ut = UserToken(username='******',
email='*****@*****.**',
photo_url='',
app_meta={})
assert ut.username == 'crl'
assert ut.email == '*****@*****.**'
assert ut.photo_url == ''
assert ut.app_meta == {}
def test_allow_just_with_token():
ut = UserToken(username='******',
email='',
photo_url='',
app_meta={},
user_meta={},
admin=False,
staff=False,
scopes={}).to_dict()
pv = PermissionInspector(user={'req': 'user'}, rule={}, allow_super=False)
assert pv.verify(ut) is True
def test_not_allow_if_user_is_not_set():
ut = UserToken(username='******',
email='',
photo_url='',
app_meta={},
user_meta={},
admin=False,
staff=False,
scopes={}).to_dict()
pv = PermissionInspector(user={}, rule={}, allow_super=False)
assert pv.verify(ut) is False
def test_staff_need_permissions():
ut = UserToken(username='******',
email='',
photo_url='',
app_meta={},
user_meta={},
admin=False,
staff=True,
scopes={}).to_dict()
pv = PermissionInspector(user={'req': 'staff'},
rule={
'path': 'scopes.users.actions',
'op': 'in',
'value': 'w'
},
allow_super=False)
assert pv.verify(ut) is False
def test_admin_cannot_do_anything_if_is_not_allow():
scopes = {'users': {'actions': ['w', 'r', 'd', 'u']}}
ut = UserToken(username='******',
email='',
photo_url='',
app_meta={},
user_meta={},
admin=True,
staff=False,
scopes=scopes).to_dict()
pv = PermissionInspector(user={'req': 'staff'},
rule={
'path': 'scopes.users.actions',
'op': 'in',
'value': 'w'
},
allow_super=False)
assert pv.verify(ut) is False
import pytest
from clean.request.inout.ports import Response, Request
from clean.use_case.case import BaseAuthUseCase
from clean.entities.token import UserToken
class ThisCaseNeedUserInfo(BaseAuthUseCase):
def custom_process(self, req: Request, token: UserToken) -> Response:
pass
def test_auth_use_case_raises_if_not_user_token_is_passed():
with pytest.raises(AttributeError):
ThisCaseNeedUserInfo(usr_token={})
def test_create_auth_use_case():
case = ThisCaseNeedUserInfo(usr_token=UserToken('', '', ''))
assert case.usr_token.username == ''
def verify(self, token: str):
return UserToken('crl',
'*****@*****.**',
avatar='',
metadata={'foo': 'bar'})
def __init__(self, raw_token: str, kwargs_perm: Dict = None):
self.raw_token = raw_token
self.user_token = UserToken(username='', email='',
photo_url='').to_dict()
self.kwargs_perm = {} if kwargs_perm is None else kwargs_perm
def __init__(self, raw_token: str, scopes_check=None, resp_err_fuc=None):
self.scopes_check = scopes_check if scopes_check is not None else {}
self.raw_token = raw_token
self.user_token = UserToken(username='', email='', avatar='')
self.resp_err_func = resp_err_fuc
def test_get_permissions_admin():
ut = UserToken(username='******', email='', admin=True, staff=True,
special=1).to_dict()
pv = PermissionInspector()
assert pv.get_user_type(ut) == 'admin'