def test_get_buyer_with_etag(self, slumber):
slumber.generic.buyer.get.return_value = self.buyer_data
buyer = client.get_buyer(self.uuid)
eq_(buyer.get('uuid'), self.uuid)
slumber.generic.buyer.get.side_effect = ResourceNotModified()
buyer2 = client.get_buyer(self.uuid)
eq_(buyer.get('etag'), buyer2.get('etag'))
def test_get_buyer_with_etag(self, slumber):
slumber.generic.buyer.get_object_or_404.return_value = self.buyer_data
buyer = client.get_buyer(self.uuid)
eq_(buyer.get('uuid'), self.uuid)
slumber.generic.buyer.get_object_or_404.side_effect = (
ResourceNotModified())
buyer2 = client.get_buyer(self.uuid)
eq_(buyer.get('etag'), buyer2.get('etag'))
def test_reset_pin_flag_set(self):
# set
res = client.set_needs_pin_reset(self.uuid)
eq_(res, {})
buyer = client.get_buyer(self.uuid)
assert buyer['needs_pin_reset']
# unset
res = client.set_needs_pin_reset(self.uuid, False)
eq_(res, {})
buyer = client.get_buyer(self.uuid)
assert not buyer['needs_pin_reset']
def test_get_buyer(self, slumber):
slumber.generic.buyer.get.return_value = self.buyer_data
buyer = client.get_buyer(self.uuid)
eq_(buyer.get('uuid'), self.uuid)
assert buyer.get('pin')
assert buyer.get('id')
assert buyer.get('etag')
def test_reset_pin_flag_set(self):
# set
client.set_new_pin(self.uuid, "1234")
res = client.set_needs_pin_reset(self.uuid)
eq_(res, {})
buyer = client.get_buyer(self.uuid)
assert buyer["needs_pin_reset"]
assert not buyer["new_pin"]
# unset
client.set_new_pin(self.uuid, "1234")
res = client.set_needs_pin_reset(self.uuid, False)
eq_(res, {})
buyer = client.get_buyer(self.uuid)
assert not buyer["needs_pin_reset"]
assert not buyer["new_pin"]
def set_user(request, email, verified=None):
if not check_whitelist(email):
log.warning('Whitelist denied access to: {0}'.format(email))
raise PermissionDenied
uuid = get_uuid(email)
new_uuid = request.session.get('uuid') != uuid
request.session['uuid'] = uuid
# This is only used by navigator.id.watch()
request.session['logged_in_user'] = email
# Leave previous was_verified behaviour for Persona.
if verified is not None:
request.session['was_reverified'] = verified
buyer = client.get_buyer(uuid)
if not buyer:
buyer = client.create_buyer(uuid, email)
log.info('Created buyer {uuid} for email {email}'
.format(uuid=uuid, email=email))
log.info('Buyer uuid is {uuid} for email {email}'
.format(uuid=uuid, email=email))
super_powers = email in settings.USERS_WITH_SUPER_POWERS
log.info('user has super powers? {user}: {powers}'
.format(user=email, powers=super_powers))
request.session['super_powers'] = super_powers
return update_session(request, uuid, new_uuid, email, buyer=buyer)
def test_get_buyer(self, slumber):
slumber.generic.buyer.get_object_or_404.return_value = self.buyer_data
buyer = client.get_buyer(self.uuid)
eq_(buyer.get('uuid'), self.uuid)
assert buyer.get('pin')
assert buyer.get('resource_pk')
assert buyer.get('etag')
def clean_pin(self, *args, **kwargs):
pin = self.cleaned_data['pin']
self._ensure_user_reauthenticated()
buyer = client.get_buyer(self.uuid)
if buyer and self.client_response_is_valid(buyer):
self.buyer = buyer
return pin
def clean_pin(self, *args, **kwargs):
pin = self.cleaned_data['pin']
self._ensure_user_reauthenticated()
buyer = client.get_buyer(self.uuid)
if buyer and self.client_response_is_valid(buyer):
self.buyer = buyer
return pin
def test_reset_pin_flag_set(self):
# set
client.set_new_pin(self.uuid, '1234')
res = client.set_needs_pin_reset(self.uuid)
eq_(res, {})
buyer = client.get_buyer(self.uuid)
assert buyer['needs_pin_reset']
assert not buyer['new_pin']
# unset
client.set_new_pin(self.uuid, '1234')
res = client.set_needs_pin_reset(self.uuid, False)
eq_(res, {})
buyer = client.get_buyer(self.uuid)
assert not buyer['needs_pin_reset']
assert not buyer['new_pin']
def test_get_buyer(self, slumber):
slumber.generic.buyer.get_object_or_404.return_value = self.buyer_data
buyer = client.get_buyer(self.uuid)
eq_(buyer.get('uuid'), self.uuid)
assert buyer.get('pin')
assert buyer.get('resource_pk')
assert buyer.get('etag')
def retrieve(self, request):
res = client.get_buyer(request.session['uuid'])
if res:
res['pin_reset_started'] = request.session.get(
'was_reverified', False)
serial = PinSerializer(res or None)
return response.Response(serial.data)
def clean_pin(self, *args, **kwargs):
pin = self.cleaned_data['pin']
buyer = client.get_buyer(self.uuid)
if buyer and self.handle_client_errors(buyer):
self.buyer = buyer
if buyer.get('pin'):
raise forms.ValidationError(_('Buyer already has a PIN.'))
return pin
def set_user(request, email):
uuid = get_uuid(email)
request.session['uuid'] = uuid
buyer = client.get_buyer(uuid)
set_user_has_pin(request, buyer.get('pin', False))
set_user_has_confirmed_pin(request, buyer.get('pin_confirmed', False))
set_user_reset_pin(request, buyer.get('needs_pin_reset', False))
set_user_has_new_pin(request, buyer.get('new_pin', False))
def test_change_pin_with_existing_pin(self):
uuid = "change_pin_with_existing_pin"
pin = "5432"
new_pin = pin[::-1]
client.create_buyer(uuid, pin)
client.change_pin(uuid, new_pin)
buyer = client.get_buyer(uuid)
assert buyer.get("pin")
assert client.verify_pin(uuid, new_pin)
def test_change_pin_to_remove_exising_pin(self):
uuid = "change_pin_to_remove_exising_pin"
pin = "5467"
new_pin = None
buyer = client.create_buyer(uuid, pin)
assert buyer.get("pin")
client.change_pin(uuid, new_pin)
buyer = client.get_buyer(uuid)
assert not buyer.get("pin")
def check(self, request):
form = VerifyPinForm(uuid=request.session['uuid'], data=request.DATA)
try:
status = 200 if form.is_valid() else 400
except ObjectDoesNotExist:
raise Http404
res = client.get_buyer(request.session['uuid'])
serial = PinSerializer(res)
return response.Response(serial.data, status=status)
def check(self, request):
form = VerifyPinForm(uuid=request.session['uuid'], data=request.DATA)
try:
status = 200 if form.is_valid() else 400
except ObjectDoesNotExist:
raise Http404
res = client.get_buyer(request.session['uuid'])
serial = PinSerializer(res)
return response.Response(serial.data, status=status)
def test_change_pin_without_existing_pin(self):
uuid = "change_pin_without_existing_pin"
new_pin = "1234"
buyer = client.create_buyer(uuid)
assert not buyer.get("pin")
client.change_pin(uuid, new_pin)
buyer = client.get_buyer(uuid)
assert buyer.get("pin")
assert client.verify_pin(uuid, new_pin)
def test_change_pin_with_existing_pin(self):
uuid = 'change_pin_with_existing_pin'
pin = '5432'
new_pin = pin[::-1]
client.create_buyer(uuid, pin)
client.change_pin(uuid, new_pin)
buyer = client.get_buyer(uuid)
assert buyer.get('pin')
assert client.verify_pin(uuid, new_pin)
def test_change_pin_without_existing_pin(self):
uuid = 'change_pin_without_existing_pin'
new_pin = '1234'
buyer = client.create_buyer(uuid)
assert not buyer.get('pin')
client.change_pin(uuid, new_pin)
buyer = client.get_buyer(uuid)
assert buyer.get('pin')
assert client.verify_pin(uuid, new_pin)
def clean_pin(self, *args, **kwargs):
pin = self.cleaned_data['pin']
buyer = client.get_buyer(self.uuid)
if buyer and self.handle_client_errors(buyer):
self.buyer_exists = True
if buyer.get('pin'):
raise forms.ValidationError(
_('You have already created a PIN.'))
return pin
def test_change_pin_to_remove_exising_pin(self):
uuid = 'change_pin_to_remove_exising_pin'
pin = '5467'
new_pin = None
buyer = client.create_buyer(uuid, pin)
assert buyer.get('pin')
client.change_pin(uuid, new_pin)
buyer = client.get_buyer(uuid)
assert not buyer.get('pin')
def clean_pin(self, *args, **kwargs):
pin = self.cleaned_data['pin']
buyer = client.get_buyer(self.uuid)
if buyer and self.handle_client_errors(buyer):
self.buyer_exists = True
if buyer.get('pin'):
raise forms.ValidationError(
_('You have already created a PIN.')
)
return pin
def update_session(request, uuid):
buyer = client.get_buyer(uuid)
set_user_has_pin(request, buyer.get('pin', False))
set_user_has_confirmed_pin(request, buyer.get('pin_confirmed', False))
set_user_reset_pin(request, buyer.get('needs_pin_reset', False))
set_user_has_new_pin(request, buyer.get('new_pin', False))
request.session['uuid_pin_was_locked'] = buyer.get('pin_was_locked_out',
False)
request.session['uuid_pin_is_locked'] = buyer.get('pin_is_locked_out',
False)
return uuid
def set_user(request, email):
uuid = get_uuid(email)
request.session['uuid'] = uuid
# This is only used by navigator.id.watch()
request.session['logged_in_user'] = email
buyer = client.get_buyer(uuid)
set_user_has_pin(request, buyer.get('pin', False))
set_user_has_confirmed_pin(request, buyer.get('pin_confirmed', False))
set_user_reset_pin(request, buyer.get('needs_pin_reset', False))
set_user_has_new_pin(request, buyer.get('new_pin', False))
return uuid
def update_session(request, uuid):
buyer = client.get_buyer(uuid)
set_user_has_pin(request, buyer.get('pin', False))
set_user_has_confirmed_pin(request, buyer.get('pin_confirmed', False))
set_user_reset_pin(request, buyer.get('needs_pin_reset', False))
set_user_has_new_pin(request, buyer.get('new_pin', False))
request.session['uuid_pin_was_locked'] = buyer.get('pin_was_locked_out',
False)
request.session['uuid_pin_is_locked'] = buyer.get('pin_is_locked_out',
False)
return uuid
def clean_pin(self, *args, **kwargs):
pin = self.cleaned_data['pin']
buyer = client.get_buyer(self.uuid)
if buyer and self.client_response_is_valid(buyer):
try:
self.buyer_etag = buyer['etag']
except KeyError:
self.buyer_etag = ''
if buyer.get('pin'):
self.add_error_code(msg.PIN_ALREADY_CREATED)
raise forms.ValidationError(msg.PIN_ALREADY_CREATED)
return pin
def clean_pin(self, *args, **kwargs):
pin = self.cleaned_data['pin']
buyer = client.get_buyer(self.uuid)
if buyer and self.client_response_is_valid(buyer):
try:
self.buyer_etag = buyer['etag']
except KeyError:
self.buyer_etag = ''
if buyer.get('pin'):
self.add_error_code(msg.PIN_ALREADY_CREATED)
raise forms.ValidationError(msg.PIN_ALREADY_CREATED)
return pin
def clean_pin(self, *args, **kwargs):
pin = self.cleaned_data['pin']
buyer = client.get_buyer(self.uuid)
if buyer and self.handle_client_errors(buyer):
self.buyer_exists = True
try:
self.buyer_etag = buyer['etag']
except KeyError:
self.buyer_etag = ''
if buyer.get('pin'):
self.add_error_code('PIN_ALREADY_CREATED')
raise forms.ValidationError(
_('You have already created a PIN.'))
return pin
def clean_pin(self, *args, **kwargs):
pin = self.cleaned_data['pin']
buyer = client.get_buyer(self.uuid)
if buyer and self.handle_client_errors(buyer):
try:
self.buyer_etag = buyer['etag']
except KeyError:
self.buyer_etag = ''
if buyer.get('pin'):
self.add_error_code('PIN_ALREADY_CREATED')
raise forms.ValidationError(
_('You have already created a PIN.')
)
return pin
def set_user(request, email):
if not check_whitelist(email):
log.warning('Whitelist denied access to: {0}'.format(email))
raise PermissionDenied
uuid = get_uuid(email)
new_uuid = request.session.get('uuid') != uuid
request.session['uuid'] = uuid
# This is only used by navigator.id.watch()
request.session['logged_in_user'] = email
buyer = client.get_buyer(uuid)
if not buyer:
buyer = client.create_buyer(uuid, email)
return update_session(request, uuid, new_uuid, email, buyer=buyer)
def update_session(request, uuid, new_uuid, email, buyer=None):
buyer = buyer or client.get_buyer(uuid)
# Some buyers may not have email set
# We must update them to store their email
# If all buyers have emails set then this can
# be safely removed
if not buyer.get("email", None):
client.update_buyer(uuid, email=email)
set_user_has_pin(request, buyer.get("pin", False))
set_user_has_confirmed_pin(request, buyer.get("pin_confirmed", False))
set_user_reset_pin(request, buyer.get("needs_pin_reset", False))
set_user_has_new_pin(request, buyer.get("new_pin", False))
request.session["uuid_pin_was_locked"] = buyer.get("pin_was_locked_out", False)
request.session["uuid_pin_is_locked"] = buyer.get("pin_is_locked_out", False)
if new_uuid:
request.session["last_pin_success"] = None
return uuid
def set_user(request, email, verified=None):
if not check_whitelist(email):
log.warning("Whitelist denied access to: {0}".format(email))
raise PermissionDenied
uuid = get_uuid(email)
new_uuid = request.session.get("uuid") != uuid
request.session["uuid"] = uuid
# This is only used by navigator.id.watch()
request.session["logged_in_user"] = email
# Leave previous was_verified behaviour for Persona.
if verified is not None:
request.session["was_reverified"] = verified
buyer = client.get_buyer(uuid)
if not buyer:
buyer = client.create_buyer(uuid, email)
log.info("Created buyer {uuid} for email {email}".format(uuid=uuid, email=email))
log.info("Buyer uuid is {uuid} for email {email}".format(uuid=uuid, email=email))
return update_session(request, uuid, new_uuid, email, buyer=buyer)
def update_session(request, uuid, new_uuid, email, buyer=None):
buyer = buyer or client.get_buyer(uuid)
# Some buyers may not have email set
# We must update them to store their email
# If all buyers have emails set then this can
# be safely removed
if not buyer.get('email', None):
client.update_buyer(uuid, email=email)
set_user_has_pin(request, buyer.get('pin', False))
set_user_has_confirmed_pin(request, buyer.get('pin_confirmed', False))
set_user_reset_pin(request, buyer.get('needs_pin_reset', False))
set_user_has_new_pin(request, buyer.get('new_pin', False))
request.session['uuid_pin_was_locked'] = buyer.get('pin_was_locked_out',
False)
request.session['uuid_pin_is_locked'] = buyer.get('pin_is_locked_out',
False)
if new_uuid:
request.session['last_pin_success'] = None
return uuid
def test_non_existent_get_buyer(self, slumber):
slumber.generic.buyer.get_object_or_404.side_effect = HttpClientError(
response=self.create_error_response())
buyer = client.get_buyer('something-that-does-not-exist')
assert 'errors' in buyer
def clean_pin(self, *args, **kwargs):
pin = self.cleaned_data['pin']
buyer = client.get_buyer(self.uuid)
if buyer and self.handle_client_errors(buyer):
self.buyer = buyer
return pin
def test_invalid_json_response(self, fake_log, slumber):
slumber.generic.buyer.get_object_or_404.side_effect = HttpClientError(
response=self.create_error_response(content='<not valid json>'))
with self.assertRaises(ValueError):
client.get_buyer('catastrophic-non-json-error')
assert fake_log.error.called, 'expected response to be logged'
def test_non_existent_get_buyer(self):
buyer = client.get_buyer('something that does not exist')
assert not buyer
def clean_old_pin(self, *args, **kwargs):
old_pin = self.cleaned_data['old_pin']
if self.handle_client_errors(client.verify_pin(self.uuid, old_pin)):
self.buyer = self.handle_client_errors(client.get_buyer(self.uuid))
return old_pin
raise forms.ValidationError(_('Incorrect PIN'))
def test_get_buyer(self):
buyer = client.get_buyer(self.uuid)
eq_(buyer.get('uuid'), self.uuid)
assert buyer.get('pin')
assert buyer.get('id')
def test_invalid_json_response(self, fake_log, slumber):
slumber.generic.buyer.get_object_or_404.side_effect = HttpClientError(
response=self.create_error_response(content='<not valid json>'))
with self.assertRaises(ValueError):
client.get_buyer('catastrophic-non-json-error')
assert fake_log.error.called, 'expected response to be logged'
def test_non_existent_get_buyer(self, slumber):
slumber.generic.buyer.get_object_or_404.side_effect = HttpClientError(
response=self.create_error_response())
buyer = client.get_buyer('something-that-does-not-exist')
assert 'errors' in buyer
def retrieve(self, request):
res = client.get_buyer(request.session['uuid'])
if not res:
raise Http404
serial = PinSerializer(res)
return response.Response(serial.data)
def retrieve(self, request):
res = client.get_buyer(request.session['uuid'])
serial = PinSerializer(res or None)
return response.Response(serial.data)
