def init_auth_service(gn_env: GNEnvironment):
if len(gn_env.config) == 0 or gn_env.config.get(ConfigKeys.TESTING, False):
# assume we're testing
return
auth_engine = gn_env.config.get(ConfigKeys.AUTH_SERVICE, None)
if auth_engine is None:
raise RuntimeError('no auth service specified')
auth_type = auth_engine.get(ConfigKeys.TYPE, None)
if auth_type is None:
raise RuntimeError('no auth type specified, use one of [redis, nutcracker, allowall, denyall]')
if auth_type == 'redis' or auth_type == 'nutcracker':
from dino.auth.redis import AuthRedis
auth_host, auth_port = auth_engine.get(ConfigKeys.HOST), None
if ':' in auth_host:
auth_host, auth_port = auth_host.split(':', 1)
auth_db = auth_engine.get(ConfigKeys.DB, 0)
gn_env.auth = AuthRedis(host=auth_host, port=auth_port, db=auth_db, env=gn_env)
elif auth_type == 'allowall':
from dino.auth.simple import AllowAllAuth
gn_env.auth = AllowAllAuth()
elif auth_type == 'denyall':
from dino.auth.simple import DenyAllAuth
gn_env.auth = DenyAllAuth()
else:
raise RuntimeError(
'unknown auth type "{}", use one of [redis, nutcracker, allowall, denyall]'.format(auth_type))
def setUp(self):
environ.env.db = FakeDb()
self.auth = AuthRedis(host='mock', env=environ.env)
environ.env.session = {
SessionKeys.user_id.value: BaseAclTestValidator.USER_ID,
SessionKeys.user_name.value: BaseAclTestValidator.USER_NAME,
SessionKeys.age.value: BaseAclTestValidator.AGE,
SessionKeys.gender.value: BaseAclTestValidator.GENDER,
SessionKeys.membership.value: BaseAclTestValidator.MEMBERSHIP,
SessionKeys.image.value: BaseAclTestValidator.IMAGE,
SessionKeys.has_webcam.value: BaseAclTestValidator.HAS_WEBCAM,
SessionKeys.fake_checked.value: BaseAclTestValidator.FAKE_CHECKED,
SessionKeys.country.value: BaseAclTestValidator.COUNTRY,
SessionKeys.city.value: BaseAclTestValidator.CITY,
SessionKeys.token.value: BaseAclTestValidator.TOKEN
}
FakeDb._admins = dict()
FakeDb._super_users = set()
environ.env.config = {
ConfigKeys.ACL: {
'room': {
'join': {
'ecludes': [],
'acls': ['gender', 'age', 'country']
},
'message': {
'ecludes': [],
'acls': ['gender', 'age']
}
},
'available': {
'acls': ['gender', 'age']
},
'validation': {
'country': {
'type': 'anything',
'value': AclStrInCsvValidator()
},
'gender': {
'type': 'str_in_csv',
'value': AclStrInCsvValidator('m,f')
},
'age': {
'type': 'range',
'value': AclRangeValidator()
}
}
}
}
self.auth.redis.hmset(RedisKeys.auth_key(BaseAclTestValidator.USER_ID),
environ.env.session)
self.validator = AclValidator()
def setUp(self):
# environ.env.db = FakeDb()
self.set_up_env('redis')
self.env.db = self.db
self.resource = RoomsAclResource()
self.auth = AuthRedis(env=self.env, host='mock')
self.session = {
SessionKeys.user_id.value: BaseTest.USER_ID,
SessionKeys.user_name.value: BaseTest.USER_NAME,
SessionKeys.gender.value: BaseTest.GENDER,
}
for key, value in self.session.items():
self.auth.update_session_for_key(BaseTest.USER_ID, key, value)
self.channel_id = str(uuid())
self.env.db.create_channel("test name", self.channel_id, BaseTest.OTHER_USER_ID)
self.env.auth = self.auth
self.env.session = self.session
self.resource.env = self.env
def setUp(self):
environ.env.session = dict()
environ.env.session[ConfigKeys.TESTING] = True
environ.env.logger = TestAuthRedis.Logger()
self.auth = AuthRedis(env=environ.env, host='mock')
self.session = {
SessionKeys.user_id.value: TestAuthRedis.USER_ID,
SessionKeys.user_name.value: TestAuthRedis.USER_NAME,
SessionKeys.age.value: TestAuthRedis.AGE,
SessionKeys.gender.value: TestAuthRedis.GENDER,
SessionKeys.membership.value: TestAuthRedis.MEMBERSHIP,
SessionKeys.image.value: TestAuthRedis.IMAGE,
SessionKeys.has_webcam.value: TestAuthRedis.HAS_WEBCAM,
SessionKeys.fake_checked.value: TestAuthRedis.FAKE_CHECKED,
SessionKeys.country.value: TestAuthRedis.COUNTRY,
SessionKeys.city.value: TestAuthRedis.CITY,
SessionKeys.token.value: TestAuthRedis.TOKEN
}
self.auth.redis.hmset(RedisKeys.auth_key(TestAuthRedis.USER_ID),
self.session)
def setUp(self):
environ.env.db = FakeDb()
FakeDb._channel_exists = {
RequestSetAclTest.CHANNEL_ID: True,
RequestSetAclTest.OTHER_CHANNEL_ID: False
}
FakeDb._room_exists = {
RequestSetAclTest.ROOM_ID: True,
RequestSetAclTest.OTHER_ROOM_ID: False
}
FakeDb._room_contains = {
RequestSetAclTest.ROOM_ID: {RequestSetAclTest.USER_ID},
RequestSetAclTest.OTHER_ROOM_ID: set()
}
FakeDb._channel_for_room = {
RequestSetAclTest.ROOM_ID: RequestSetAclTest.CHANNEL_ID,
RequestSetAclTest.OTHER_ROOM_ID: RequestSetAclTest.OTHER_CHANNEL_ID
}
FakeDb._admins = dict()
FakeDb._super_users = set()
FakeDb._channel_owners = dict()
FakeDb._owners = {RequestSetAclTest.ROOM_ID: ''}
FakeDb._moderators = {
RequestSetAclTest.ROOM_ID: {RequestSetAclTest.USER_ID},
RequestSetAclTest.OTHER_ROOM_ID: {}
}
self.auth = AuthRedis(host='mock', env=environ.env)
environ.env.session = {
SessionKeys.user_id.value: RequestSetAclTest.USER_ID,
SessionKeys.user_name.value: RequestSetAclTest.USER_NAME,
SessionKeys.age.value: RequestSetAclTest.AGE,
SessionKeys.gender.value: RequestSetAclTest.GENDER,
SessionKeys.membership.value: RequestSetAclTest.MEMBERSHIP,
SessionKeys.image.value: RequestSetAclTest.IMAGE,
SessionKeys.has_webcam.value: RequestSetAclTest.HAS_WEBCAM,
SessionKeys.fake_checked.value: RequestSetAclTest.FAKE_CHECKED,
SessionKeys.country.value: RequestSetAclTest.COUNTRY,
SessionKeys.city.value: RequestSetAclTest.CITY,
SessionKeys.token.value: RequestSetAclTest.TOKEN
}
self.set_owner()
environ.env.config = {
ConfigKeys.ACL: {
'room': {
'join': {
'acls': ['gender', 'age', 'country']
},
'message': {
'acls': ['gender', 'age']
},
'crossroom': {
'acls': ['samechannel']
}
},
'channel': {
'crossroom': {
'acls': ['samechannel']
}
},
'available': {
'acls': ['gender', 'age', 'samechannel']
},
'validation': {
'samechannel': {
'type': 'samechannel',
'value': AclSameChannelValidator()
},
'country': {
'type': 'anything',
'value': AclStrInCsvValidator()
},
'gender': {
'type': 'str_in_csv',
'value': AclStrInCsvValidator('m,f')
},
'age': {
'type': 'range',
'value': AclRangeValidator()
}
}
}
}
self.auth.redis.hmset(RedisKeys.auth_key(RequestSetAclTest.USER_ID),
environ.env.session)
self.validator = RequestValidator()
def setUp(self):
environ.env.db = FakeDb()
self.remote = FakeRemote()
environ.env.remote = self.remote
environ.env.cache = FakeCache()
FakeDb._channel_exists = {
RequestMessageTest.CHANNEL_ID: True,
RequestMessageTest.OTHER_CHANNEL_ID: False,
RequestMessageTest.WHISPER_NOT_ALLOWED_CHANNEL_ID: True
}
FakeDb._room_exists = {
RequestMessageTest.ROOM_ID: True,
RequestMessageTest.OTHER_ROOM_ID: False
}
FakeDb._room_contains = {
RequestMessageTest.ROOM_ID: {RequestMessageTest.USER_ID},
RequestMessageTest.OTHER_ROOM_ID: set()
}
FakeDb._channel_names = {
RequestMessageTest.CHANNEL_ID:
RequestMessageTest.CHANNEL_NAME,
RequestMessageTest.WHISPER_NOT_ALLOWED_CHANNEL_ID:
RequestMessageTest.CHANNEL_NAME + ' no whisper'
}
FakeDb._channel_for_room = {
RequestMessageTest.ROOM_ID: RequestMessageTest.CHANNEL_ID,
RequestMessageTest.OTHER_ROOM_ID:
RequestMessageTest.OTHER_CHANNEL_ID,
}
self.auth = AuthRedis(host='mock', env=environ.env)
environ.env.session = {
SessionKeys.user_id.value: RequestMessageTest.USER_ID,
SessionKeys.user_name.value: RequestMessageTest.USER_NAME,
SessionKeys.age.value: RequestMessageTest.AGE,
SessionKeys.gender.value: RequestMessageTest.GENDER,
SessionKeys.membership.value: RequestMessageTest.MEMBERSHIP,
SessionKeys.image.value: RequestMessageTest.IMAGE,
SessionKeys.has_webcam.value: RequestMessageTest.HAS_WEBCAM,
SessionKeys.fake_checked.value: RequestMessageTest.FAKE_CHECKED,
SessionKeys.country.value: RequestMessageTest.COUNTRY,
SessionKeys.city.value: RequestMessageTest.CITY,
SessionKeys.token.value: RequestMessageTest.TOKEN
}
environ.env.config = {
ConfigKeys.VALIDATE_WHISPERS: True,
ConfigKeys.ACL: {
'room': {
'join': {
'acls': ['gender', 'age', 'country']
},
'message': {
'acls': ['gender', 'age']
},
'crossroom': {
'acls': ['samechannel']
}
},
'channel': {
'whisper': {
'acls': ['disallow']
},
'crossroom': {
'acls': ['samechannel']
}
},
'available': {
'acls': [
'gender',
'age',
'samechannel',
'whisper',
]
},
'validation': {
'samechannel': {
'type': 'samechannel',
'value': AclSameChannelValidator()
},
'country': {
'type': 'anything',
'value': AclStrInCsvValidator()
},
'gender': {
'type': 'str_in_csv',
'value': AclStrInCsvValidator('m,f')
},
'age': {
'type': 'range',
'value': AclRangeValidator()
},
'disallow': {
'type': 'disallow',
'value': AclDisallowValidator()
}
}
}
}
self.auth.redis.hmset(RedisKeys.auth_key(RequestMessageTest.USER_ID),
environ.env.session)
self.validator = RequestValidator()
def setUp(self):
BaseTest.users_in_room.clear()
BaseTest.emit_args.clear()
BaseTest.emit_kwargs.clear()
BaseTest.msgs_sent.clear()
BaseTest.rendered_template = None
self.session = {
'user_id': BaseTest.USER_ID,
'user_name': BaseTest.USER_NAME,
'age': BaseTest.AGE,
'gender': BaseTest.GENDER,
'membership': BaseTest.MEMBERSHIP,
'image': BaseTest.IMAGE,
'fake_checked': BaseTest.FAKE_CHECKED,
'has_webcam': BaseTest.HAS_WEBCAM,
'city': BaseTest.CITY,
'country': BaseTest.COUNTRY,
'token': '66968fad-2336-40c9-bc6d-0ecbcd91f4da'
}
environ.env.config = environ.ConfigDict()
environ.env.config.set(ConfigKeys.TESTING, True)
environ.env.config = environ.env.config.sub(**self.session)
all_acls = [
'age', 'gender', 'membership', 'group', 'country', 'city', 'image',
'has_webcam', 'fake_checked', 'owner', 'admin', 'moderator',
'superuser', 'crossroom', 'samechannel', 'sameroom', 'disallow'
]
environ.env.config.set(
ConfigKeys.ACL, {
'room': {
'join': {
'acls': all_acls
},
'message': {
'acls': all_acls
},
'history': {
'acls': all_acls
},
'crossroom': {
'acls': all_acls
}
},
'channel': {
'message': {
'acls': all_acls
},
'list': {
'acls': all_acls
},
'crossroom': {
'acls': all_acls
},
'whisper': {
'acls': ['disallow']
},
},
'available': {
'acls': all_acls
},
'validation': {
'superuser': {
'type': 'superuser',
'value': AclIsSuperUserValidator()
},
'admin': {
'type': 'admin',
'value': AclIsAdminValidator()
},
'samechannel': {
'type': 'samechannel',
'value': AclSameChannelValidator()
},
'sameroom': {
'type': 'sameroom',
'value': AclSameRoomValidator()
},
'country': {
'type': 'str_in_csv',
'value': AclStrInCsvValidator()
},
'disallow': {
'type': 'disallow',
'value': AclDisallowValidator()
},
'gender': {
'type': 'str_in_csv',
'value': AclStrInCsvValidator('m,f')
},
'membership': {
'type': 'str_in_csv',
'value': AclStrInCsvValidator()
},
'city': {
'type': 'str_in_csv',
'value': AclStrInCsvValidator()
},
'has_webcam': {
'type': 'str_in_csv',
'value': AclStrInCsvValidator('y,n')
},
'fake_checked': {
'type': 'str_in_csv',
'value': AclStrInCsvValidator('y,n')
},
'image': {
'type': 'str_in_csv',
'value': AclStrInCsvValidator('y,n')
},
'group': {
'type': 'str_in_csv',
'value': AclStrInCsvValidator('')
},
'age': {
'type': 'range',
'value': AclRangeValidator()
}
}
})
environ.env.auth = AuthRedis('mock', env=environ.env)
environ.env.storage = StorageRedis('mock')
environ.env.db = DatabaseRedis(environ.env, 'mock')
environ.env.storage.redis = environ.env.auth.redis
environ.env.db.redis = environ.env.auth.redis
environ.env.redis = environ.env.auth.redis
environ.env.publish = BaseTest._mock_publish
environ.env.disconnect = BaseTest._disconnect
environ.env.stats = MockStats()
environ.env.spam = MockSpam()
environ.env.cache = CacheAllMiss()
environ.env.auth.redis.flushall()
environ.env.storage.redis.flushall()
environ.env.db.redis.flushall()
environ.env.cache._flushall()
environ.env.auth.redis.hmset(RedisKeys.auth_key(BaseTest.USER_ID),
self.session)
environ.env.redis.hset(RedisKeys.room_name_for_id(), BaseTest.ROOM_ID,
BaseTest.ROOM_NAME)
environ.env.redis.sadd(RedisKeys.non_ephemeral_rooms(),
BaseTest.ROOM_ID)
environ.env.redis.hset(RedisKeys.channels(), BaseTest.CHANNEL_ID,
BaseTest.CHANNEL_NAME)
environ.env.db.redis.hset(RedisKeys.channels(), BaseTest.CHANNEL_ID,
BaseTest.CHANNEL_NAME)
environ.env.db.redis.hset(RedisKeys.auth_key(BaseTest.USER_ID),
SessionKeys.user_name.value,
BaseTest.USER_NAME)
environ.env.db.redis.hset(RedisKeys.channel_for_rooms(),
BaseTest.ROOM_ID, BaseTest.CHANNEL_ID)
environ.env.db.redis.hset(RedisKeys.user_names(), BaseTest.USER_ID,
BaseTest.USER_NAME)
environ.env.db.redis.delete(RedisKeys.room_acl(BaseTest.ROOM_ID))
environ.env.render_template = BaseTest._render_template
environ.env.emit = BaseTest._emit
environ.env.join_room = BaseTest._join_room
environ.env.send = BaseTest._send
environ.env.leave_room = BaseTest._leave_room
environ.env.redirect = BaseTest._redirect
environ.env.url_for = BaseTest._url_for
environ.env.send_from_directory = BaseTest._send_from_directory
environ.env.request = BaseTest.Request()
environ.env.SelectField = SelectField
environ.env.SubmitField = SubmitField
environ.env.StringField = StringField
environ.env.DataRequired = DataRequired
environ.env.Form = Form
environ.env.logger = logger
environ.env.session = self.session
# TODO: don't do this here, but too many tests that doesn't do it themselves... should remove this base class
# and only have test logic in each test class, separate it
self.env = environ.env
class RoomsAclTest(BaseDatabaseTest):
def setUp(self):
# environ.env.db = FakeDb()
self.set_up_env('redis')
self.env.db = self.db
self.resource = RoomsAclResource()
self.auth = AuthRedis(env=self.env, host='mock')
self.session = {
SessionKeys.user_id.value: BaseTest.USER_ID,
SessionKeys.user_name.value: BaseTest.USER_NAME,
SessionKeys.gender.value: BaseTest.GENDER,
}
for key, value in self.session.items():
self.auth.update_session_for_key(BaseTest.USER_ID, key, value)
self.channel_id = str(uuid())
self.env.db.create_channel("test name", self.channel_id, BaseTest.OTHER_USER_ID)
self.env.auth = self.auth
self.env.session = self.session
self.resource.env = self.env
def tearDown(self):
self.db.redis.flushall()
self.env.cache._flushall()
def test_get_one_rooms(self):
self.env.db.create_room("room name 1", str(uuid()), self.channel_id, BaseTest.OTHER_USER_ID, "user name", False, 999)
self.assertEqual(1, len(self.resource._do_get(BaseTest.USER_ID)))
def test_get_three_rooms(self):
self.env.db.create_room("room name 1", str(uuid()), self.channel_id, BaseTest.OTHER_USER_ID, "user name", False, 999)
self.env.db.create_room("room name 2", str(uuid()), self.channel_id, BaseTest.OTHER_USER_ID, "user name", False, 999)
self.env.db.create_room("room name 3", str(uuid()), self.channel_id, BaseTest.OTHER_USER_ID, "user name", False, 999)
self.assertEqual(3, len(self.resource._do_get(BaseTest.USER_ID)))
def test_get_two_rooms_one_not_allowed(self):
room_id_to_forbid = str(uuid())
self.env.db.create_room("room name 1", str(uuid()), self.channel_id, BaseTest.OTHER_USER_ID, "user name", False, 999)
self.env.db.create_room("room name 2", room_id_to_forbid, self.channel_id, BaseTest.OTHER_USER_ID, "user name", False, 999)
self.env.db.create_room("room name 3", str(uuid()), self.channel_id, BaseTest.OTHER_USER_ID, "user name", False, 999)
self.env.db.add_acls_in_room_for_action(
room_id_to_forbid,
ApiActions.JOIN,
{"gender": "m"}
)
rooms = self.resource._do_get(BaseTest.USER_ID)
self.assertEqual(2, len(rooms))
self.assertTrue(all((room["room_name"] in {"room name 1", "room name 3"} for room in rooms)))
def test_get_two_channels_one_not_allowed_two_rooms_one_not_allowed(self):
room_id_to_forbid = str(uuid())
self.env.db.create_room("room name 1", str(uuid()), self.channel_id, BaseTest.OTHER_USER_ID, "user name", False, 999)
self.env.db.create_room("room name 2", room_id_to_forbid, self.channel_id, BaseTest.OTHER_USER_ID, "user name", False, 999)
self.env.db.create_room("room name 3", str(uuid()), self.channel_id, BaseTest.OTHER_USER_ID, "user name", False, 999)
self.env.db.add_acls_in_room_for_action(
room_id_to_forbid,
ApiActions.JOIN,
{"gender": "m"}
)
channel_id_to_forbid = str(uuid())
self.env.db.create_channel("test name 2", channel_id_to_forbid, BaseTest.OTHER_USER_ID)
self.env.db.create_room("room name 4", str(uuid()), channel_id_to_forbid, BaseTest.OTHER_USER_ID, "user name", False, 999)
self.env.db.add_acls_in_channel_for_action(
channel_id_to_forbid,
ApiActions.LIST,
{"gender": "m"}
)
rooms = self.resource._do_get(BaseTest.USER_ID)
self.assertEqual(2, len(rooms))
self.assertTrue(all((room["room_name"] in {"room name 1", "room name 3"} for room in rooms)))
self.assertTrue(all((room["channel_name"] == "test name" for room in rooms)))
def test_set_last_cleared(self):
last_cleared = self.resource._get_last_cleared()
self.resource._set_last_cleared(datetime.utcnow()+timedelta(minutes=5))
self.assertNotEqual(last_cleared, self.resource._get_last_cleared())
class TestAuthRedis(TestCase):
USER_ID = '1234'
USER_NAME = 'Joe'
AGE = '30'
GENDER = 'f'
MEMBERSHIP = '0'
IMAGE = 'y'
HAS_WEBCAM = 'y'
FAKE_CHECKED = 'n'
COUNTRY = 'cn'
CITY = 'Shanghai'
TOKEN = str(uuid())
class Logger(object):
def warning(self, *args):
pass
def setUp(self):
environ.env.session = dict()
environ.env.session[ConfigKeys.TESTING] = True
environ.env.logger = TestAuthRedis.Logger()
self.auth = AuthRedis(env=environ.env, host='mock')
self.session = {
SessionKeys.user_id.value: TestAuthRedis.USER_ID,
SessionKeys.user_name.value: TestAuthRedis.USER_NAME,
SessionKeys.age.value: TestAuthRedis.AGE,
SessionKeys.gender.value: TestAuthRedis.GENDER,
SessionKeys.membership.value: TestAuthRedis.MEMBERSHIP,
SessionKeys.image.value: TestAuthRedis.IMAGE,
SessionKeys.has_webcam.value: TestAuthRedis.HAS_WEBCAM,
SessionKeys.fake_checked.value: TestAuthRedis.FAKE_CHECKED,
SessionKeys.country.value: TestAuthRedis.COUNTRY,
SessionKeys.city.value: TestAuthRedis.CITY,
SessionKeys.token.value: TestAuthRedis.TOKEN
}
self.auth.redis.hmset(RedisKeys.auth_key(TestAuthRedis.USER_ID),
self.session)
def test_auth_with_empty_session(self):
authenticated, *rest = self.auth.authenticate_and_populate_session(
'', '')
self.assertFalse(authenticated)
def test_auth_with_wrong_token(self):
authenticated, *rest = self.auth.authenticate_and_populate_session(
TestAuthRedis.USER_ID, str(uuid()))
self.assertFalse(authenticated)
def test_auth_with_required_args(self):
authenticated, *rest = self.auth.authenticate_and_populate_session(
TestAuthRedis.USER_ID, TestAuthRedis.TOKEN)
self.assertTrue(authenticated)
def test_auth_without_token(self):
authenticated, *rest = self.auth.authenticate_and_populate_session(
TestAuthRedis.USER_ID, '')
self.assertFalse(authenticated)
def test_auth_without_user_id(self):
authenticated, *rest = self.auth.authenticate_and_populate_session(
'', TestAuthRedis.TOKEN)
self.assertFalse(authenticated)
def test_session_gets_populated(self):
*rest, error_msg, session = self.auth.authenticate_and_populate_session(
TestAuthRedis.USER_ID, TestAuthRedis.TOKEN)
self.assertEqual(self.session, session)
def test_session_gets_populated_remove_one(self):
del self.session[SessionKeys.fake_checked.value]
self.auth.redis.hdel(RedisKeys.auth_key(TestAuthRedis.USER_ID),
SessionKeys.fake_checked.value)
*rest, error_msg, session = self.auth.authenticate_and_populate_session(
TestAuthRedis.USER_ID, TestAuthRedis.TOKEN)
self.assertEqual(self.session, session)