def test_session_db_update(): """ Test `prewikka.session.session.SessionDatabase.update_session` method. """ session_database = SessionDatabase() user = User('anonymous') session_id = create_session(user) old_query = env.db.query( 'SELECT * from Prewikka_Session WHERE sessionid=\'%s\'' % session_id) time_ = time.time() + 3600 # add 3600s session_database.update_session(session_id, time_) query = env.db.query( 'SELECT * from Prewikka_Session WHERE sessionid=\'%s\'' % session_id) assert old_query.toString() != query.toString() assert query.getRowCount() == 1 assert session_id in query.toString() assert user.name in query.toString() assert datetime.datetime.utcfromtimestamp(time_).strftime( '%Y-%m-%d %H:%M:%S') in query.toString() # wrong session_id: nothing happening fake_session_id = 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa' session_database.update_session(fake_session_id, time_) clean_sessions()
def test_dbauth(): """ Test `prewikka.auth.dbauth.DBAuth` class. """ auth = DBAuth(ConfigSection(None)) user = User('john') group = Group('grp') assert auth.can_create_user() assert auth.can_delete_user() assert auth.can_set_password() assert auth.can_manage_permissions() assert not auth.get_user_by_id(user.id) auth.create_user(user) assert auth.has_user(user) assert auth.get_user_by_id(user.id) assert user in auth.get_user_list() assert user in auth.get_user_list('jo') auth.set_user_permissions(user, ['FAKE_PERM1']) assert 'FAKE_PERM1' in auth.get_user_permissions(user) assert 'FAKE_PERM1' in auth.get_user_permissions(user, True) assert auth.can_create_group() assert auth.can_delete_group() assert auth.can_manage_group_members() assert auth.can_manage_group_permissions() assert not auth.get_group_by_id(group.id) auth.create_group(group) assert auth.has_group(group) assert auth.get_group_by_id(group.id) assert group in auth.get_group_list() assert group in auth.get_group_list('gr') auth.set_group_members(group, [user]) assert user in auth.get_group_members(group) auth.set_member_of(user, [group]) assert group in auth.get_member_of(user) assert auth.is_member_of(group, user) auth.set_group_permissions(group, ['FAKE_PERM2']) assert 'FAKE_PERM2' in auth.get_group_permissions(group) assert 'FAKE_PERM2' in auth.get_user_permissions(user) assert 'FAKE_PERM2' not in auth.get_user_permissions(user, True) assert 'FAKE_PERM2' in auth.get_user_permissions_from_groups(user) auth.delete_user(user) assert not auth.get_user_by_id(user.id) auth.delete_group(group) assert not auth.get_group_by_id(group.id)
def test_session_db_create_(): """ Test `prewikka.session.session.SessionDatabase.create_session` method. """ user = User('anonymous') session_id = create_session(user) query = env.db.query( 'SELECT * from Prewikka_Session WHERE sessionid=\'%s\'' % session_id) assert query.getRowCount() == 1 assert session_id in query.toString() assert user.name in query.toString() clean_sessions()
def test_session_db_delete_expired_(): """ Test `prewikka.session.session.SessionDatabase.delete_expired_sessions` method. """ session_database = SessionDatabase() user = User('anonymous') t_now = time.time() t_before = t_now - 3600 t_after = t_now + 3600 # without sessions in database session_database.delete_expired_sessions(t_now) # with 1 session expired in database session_id = create_session(user, t_before) session_database.delete_expired_sessions(t_now) query = env.db.query( 'SELECT * from Prewikka_Session WHERE sessionid=\'%s\'' % session_id) assert query.getRowCount() == 0 # with 1 session NOT expired in database session_id = create_session(user, t_after) session_database.delete_expired_sessions(t_now) query = env.db.query( 'SELECT * from Prewikka_Session WHERE sessionid=\'%s\'' % session_id) assert query.getRowCount() == 1 clean_sessions() # with 2 sessions expired and 1 not expired session_id_1 = create_session(user, t_before) session_id_2 = create_session(user, t_before) session_id_3 = create_session(user, t_after) query = env.db.query('SELECT * from Prewikka_Session WHERE userid=\'%s\'' % user.id) assert query.getRowCount() == 3 session_database.delete_expired_sessions(t_now) query = env.db.query('SELECT * from Prewikka_Session WHERE userid=\'%s\'' % user.id) assert query.getRowCount() == 1 assert session_id_1 not in query.toString() assert session_id_2 not in query.toString() assert session_id_3 in query.toString() clean_sessions()
def test_session_db_get(): """ Test `prewikka.session.session.SessionDatabase.get_session` method. """ session_database = SessionDatabase() user = User('anonymous') session_id = create_session(user) query = env.db.query( 'SELECT * from Prewikka_Session WHERE sessionid=\'%s\'' % session_id) assert query.getRowCount() == 1 username, time_ = session_database.get_session(session_id) assert username == user.name assert datetime.datetime.utcfromtimestamp(time_).strftime( '%Y-%m-%d %H:%M:%S') in query.toString() # wrong session_id: fail with pytest.raises(Exception): fake_session_id = 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa' session_database.get_session(fake_session_id) clean_sessions()
def test_user(): """ Test `prewikka.usergroup.User` class. """ with pytest.raises(Exception): User() user1 = User(login='******') user2 = User(login='******') user1.create() assert user1 != user2 assert user1.name == 'foo' assert user1 == User(userid=user1.id) # set permissions (not implemented) with pytest.raises(NotImplementedError): user1.permissions = 'perm1' user1._permissions = 'perm2' # set_locale() user1.set_locale() backup_locale = env.config.general.default_locale env.config.general.default_locale = None user1.set_locale() env.config.general.default_locale = backup_locale # set_property() user1.set_property('key1', '1') user1.set_property('key2', '2', '/agents/agents') # get_property() assert user1.get_property('key1') == '1' assert user1.get_property('key2', '/agents/agents') == '2' assert user1.get_property('key3', '/agents/agents', '3') == '3' # del_property() user1.del_property(None) user1.del_property('key1') assert not user1.get_property('key1') user1.del_property(None, '/agents/agents') user1.del_property('key2', '/agents/agents') assert not user1.get_property('key2') # del_properties() user1.set_property('key4', '4', '/agents/agents') assert user1.get_property('key4', '/agents/agents') == '4' user1.set_property('key5', '5', '/agents/agents') assert user1.get_property('key5', '/agents/agents') == '5' user1.del_properties('/agents/agents') assert not user1.get_property('key4', '/agents/agents') assert not user1.get_property('key5', '/agents/agents') # del_property_match() user1.set_property('key6', '6') assert user1.get_property('key6') == '6' user1.del_property_match('key6') user1.set_property('key7', '7', '/agents/agents') assert user1.get_property('key7', '/agents/agents') == '7' user1.del_property_match('key7', '/agents/agents') user1.set_property('key8', '8', '/agents/agents') user1.del_property_match('key999', '/agents/agents') user1.del_property_match('key9', '/agents/list') # get_property_fail() with pytest.raises(KeyError): user1.get_property_fail('key10', '10') user1.set_property('key11', '11') # sync_properties() user1.sync_properties() # has() assert not user1.has(['foo']) assert not user1.has(('foo',)) assert not user1.has(set('foo')) assert not user1.has('foo') # check() with pytest.raises(PermissionDeniedError): user1.check('perm1') with pytest.raises(PermissionDeniedError): user1.check('perm1', '/agents/agents') user1.delete()
def test_session(): """ Test `prewikka.session.session.Session` class. """ session_config = ConfigSection("") session_config.expiration = 60 # 1 hour create_session(env.request.user, session_id=TEST_SESSION_ID) req = deepcopy(env.request.web) # __init__() session = Session(session_config) # get_user() user_from_session = session.get_user(req) assert env.request.user == user_from_session # get_user() with old (but valid) cookie clean_sessions() create_session(env.request.user, time_=time.time() - 3600, session_id=TEST_SESSION_ID) user_from_session = session.get_user(req) assert env.request.user == user_from_session # get_user() with invalid session (empty cookie) with pytest.raises(SessionInvalid): req = deepcopy(env.request.web) req.input_cookie = {} session.get_user(req) # get_user() with expired session (AJAX request) with pytest.raises(SessionExpired): req = deepcopy(env.request.web) req.input_cookie = {} req.is_xhr = True session.get_user(req) # get_user() with invalid session (bad session_id) with pytest.raises(SessionInvalid): req = deepcopy(env.request.web) req.input_cookie['sessionid'] = cookies.Morsel() req.input_cookie['sessionid'].value = 'invalid' session.get_user(req) # get_user() with expired session (cookie expired) with pytest.raises(SessionExpired): clean_sessions() req = deepcopy(env.request.web) create_session(env.request.user, time_=time.time() - 3600 * 24, session_id=TEST_SESSION_ID) session = Session(session_config) session.get_user(req) # get_user() with invalid user backup_user = env.request.user with pytest.raises(SessionInvalid): req = deepcopy(env.request.web) env.request.user = User('test') session.get_user(req) env.request.user = backup_user # get_user() with changed backend backup_auth = env.auth with pytest.raises(SessionInvalid): req = deepcopy(env.request.web) clean_sessions() create_session(env.request.user, session_id=TEST_SESSION_ID) env.auth = FakeAuthBackend(ConfigSection("")) session.get_user(req) env.auth = backup_auth # logout() with pytest.raises(SessionInvalid): clean_sessions() create_session(env.request.user, session_id=TEST_SESSION_ID) session = Session(session_config) req = deepcopy(env.request.web) session.logout(req) # can_logout() assert session.can_logout() clean_sessions()
def test_session_db_delete(): """ Test `prewikka.session.session.SessionDatabase.delete_session` method. """ session_database = SessionDatabase() user = User('anonymous') # delete 1 session based on sessionid session_id = create_session(user) query = env.db.query( 'SELECT * from Prewikka_Session WHERE sessionid=\'%s\'' % session_id) assert query.getRowCount() == 1 session_database.delete_session(sessionid=session_id) query = env.db.query( 'SELECT * from Prewikka_Session WHERE sessionid=\'%s\'' % session_id) assert query.getRowCount() == 0 # delete 1 session based on userid session_id = create_session(user) query = env.db.query('SELECT * from Prewikka_Session WHERE userid=\'%s\'' % user.id) assert session_id in query.toString() assert query.getRowCount() == 1 session_database.delete_session(user=user) query = env.db.query('SELECT * from Prewikka_Session WHERE userid=\'%s\'' % user.id) assert query.getRowCount() == 0 # delete multiple sessions based on userid session_id_1 = create_session(user) session_id_2 = create_session(user) session_id_3 = create_session(user) query = env.db.query('SELECT * from Prewikka_Session WHERE userid=\'%s\'' % user.id) assert session_id_1 in query.toString() assert session_id_2 in query.toString() assert session_id_3 in query.toString() assert query.getRowCount() == 3 session_database.delete_session(user=user) query = env.db.query('SELECT * from Prewikka_Session WHERE userid=\'%s\'' % user.id) assert query.getRowCount() == 0 clean_sessions() # delete session based on invalid sessionid: nothing happening create_session(user) query = env.db.query('SELECT * from Prewikka_Session WHERE userid=\'%s\'' % user.id) assert query.getRowCount() == 1 fake_session_id = 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa' session_database.delete_session(sessionid=fake_session_id) query = env.db.query('SELECT * from Prewikka_Session WHERE userid=\'%s\'' % user.id) assert query.getRowCount() == 1 # delete session based on invalid userid: nothing happening fake_user = User('fake') query = env.db.query('SELECT * from Prewikka_Session WHERE userid=\'%s\'' % fake_user.id) assert query.getRowCount() == 0 session_database.delete_session(user=fake_user) query = env.db.query('SELECT * from Prewikka_Session WHERE userid=\'%s\'' % user.id) assert query.getRowCount() == 1 query = env.db.query('SELECT * from Prewikka_Session WHERE userid=\'%s\'' % fake_user.id) assert query.getRowCount() == 0 # delete session with both userid and sessionid: fail with pytest.raises(Exception): fake_session_id = 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa' fake_user_id = 'bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb' session_database.delete_session(sessionid=fake_session_id, user=fake_user_id) # delete session without userid and sessionid: nothing session_database.delete_session(sessionid=None, user=None) clean_sessions()
def test_auth(): """ Test `prewikka.auth.auth.Auth` class. """ auth = Auth(ConfigSection(None)) user = User('john') group = Group('grp') # _AuthUser() assert not auth.can_create_user() assert not auth.can_delete_user() assert not auth.can_set_password() assert not auth.can_manage_permissions() assert not auth.get_user_list() assert not auth.get_user_list('foo') assert not auth.get_user_by_id(user.id) auth.create_user(user) assert auth.get_user_by_id(user.id) auth.delete_user(user) assert not auth.get_user_by_id(user.id) with pytest.raises(NotImplementedError): auth.has_user(user) assert not auth.get_user_permissions(user) assert not auth.get_user_permissions(user, True) assert not auth.get_user_permissions_from_groups(user) with pytest.raises(NotImplementedError): auth.set_user_permissions(user, ['FAKE_PERM']) # _AuthGroup assert not auth.can_create_group() assert not auth.can_delete_group() assert not auth.can_manage_group_members() assert not auth.can_manage_group_permissions() assert not auth.get_group_list() assert not auth.get_group_list('foo') assert not auth.get_group_by_id(group.id) auth.create_group(group) assert auth.get_group_by_id(group.id) auth.delete_group(group) assert not auth.get_group_by_id(group.id) with pytest.raises(NotImplementedError): auth.set_group_permissions(group, ['FAKE_PERM']) assert not auth.get_group_permissions(group) with pytest.raises(NotImplementedError): auth.set_group_members(group, [user]) assert not auth.get_group_members(group) with pytest.raises(NotImplementedError): auth.set_member_of(user, [group]) assert not auth.get_member_of(user) with pytest.raises(NotImplementedError): auth.is_member_of(group, user) with pytest.raises(NotImplementedError): auth.has_group(group)