def test_session_db_update():
"""
Test `prewikka.session.session.SessionDatabase.update_session` method.
"""
session_database = SessionDatabase()
user = User('anonymous')
session_id = create_session(user)
old_query = env.db.query(
'SELECT * from Prewikka_Session WHERE sessionid=\'%s\'' % session_id)
time_ = time.time() + 3600 # add 3600s
session_database.update_session(session_id, time_)
query = env.db.query(
'SELECT * from Prewikka_Session WHERE sessionid=\'%s\'' % session_id)
assert old_query.toString() != query.toString()
assert query.getRowCount() == 1
assert session_id in query.toString()
assert user.name in query.toString()
assert datetime.datetime.utcfromtimestamp(time_).strftime(
'%Y-%m-%d %H:%M:%S') in query.toString()
# wrong session_id: nothing happening
fake_session_id = 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'
session_database.update_session(fake_session_id, time_)
clean_sessions()
def test_dbauth():
"""
Test `prewikka.auth.dbauth.DBAuth` class.
"""
auth = DBAuth(ConfigSection(None))
user = User('john')
group = Group('grp')
assert auth.can_create_user()
assert auth.can_delete_user()
assert auth.can_set_password()
assert auth.can_manage_permissions()
assert not auth.get_user_by_id(user.id)
auth.create_user(user)
assert auth.has_user(user)
assert auth.get_user_by_id(user.id)
assert user in auth.get_user_list()
assert user in auth.get_user_list('jo')
auth.set_user_permissions(user, ['FAKE_PERM1'])
assert 'FAKE_PERM1' in auth.get_user_permissions(user)
assert 'FAKE_PERM1' in auth.get_user_permissions(user, True)
assert auth.can_create_group()
assert auth.can_delete_group()
assert auth.can_manage_group_members()
assert auth.can_manage_group_permissions()
assert not auth.get_group_by_id(group.id)
auth.create_group(group)
assert auth.has_group(group)
assert auth.get_group_by_id(group.id)
assert group in auth.get_group_list()
assert group in auth.get_group_list('gr')
auth.set_group_members(group, [user])
assert user in auth.get_group_members(group)
auth.set_member_of(user, [group])
assert group in auth.get_member_of(user)
assert auth.is_member_of(group, user)
auth.set_group_permissions(group, ['FAKE_PERM2'])
assert 'FAKE_PERM2' in auth.get_group_permissions(group)
assert 'FAKE_PERM2' in auth.get_user_permissions(user)
assert 'FAKE_PERM2' not in auth.get_user_permissions(user, True)
assert 'FAKE_PERM2' in auth.get_user_permissions_from_groups(user)
auth.delete_user(user)
assert not auth.get_user_by_id(user.id)
auth.delete_group(group)
assert not auth.get_group_by_id(group.id)
def test_session_db_create_():
"""
Test `prewikka.session.session.SessionDatabase.create_session` method.
"""
user = User('anonymous')
session_id = create_session(user)
query = env.db.query(
'SELECT * from Prewikka_Session WHERE sessionid=\'%s\'' % session_id)
assert query.getRowCount() == 1
assert session_id in query.toString()
assert user.name in query.toString()
clean_sessions()
def test_session_db_delete_expired_():
"""
Test `prewikka.session.session.SessionDatabase.delete_expired_sessions` method.
"""
session_database = SessionDatabase()
user = User('anonymous')
t_now = time.time()
t_before = t_now - 3600
t_after = t_now + 3600
# without sessions in database
session_database.delete_expired_sessions(t_now)
# with 1 session expired in database
session_id = create_session(user, t_before)
session_database.delete_expired_sessions(t_now)
query = env.db.query(
'SELECT * from Prewikka_Session WHERE sessionid=\'%s\'' % session_id)
assert query.getRowCount() == 0
# with 1 session NOT expired in database
session_id = create_session(user, t_after)
session_database.delete_expired_sessions(t_now)
query = env.db.query(
'SELECT * from Prewikka_Session WHERE sessionid=\'%s\'' % session_id)
assert query.getRowCount() == 1
clean_sessions()
# with 2 sessions expired and 1 not expired
session_id_1 = create_session(user, t_before)
session_id_2 = create_session(user, t_before)
session_id_3 = create_session(user, t_after)
query = env.db.query('SELECT * from Prewikka_Session WHERE userid=\'%s\'' %
user.id)
assert query.getRowCount() == 3
session_database.delete_expired_sessions(t_now)
query = env.db.query('SELECT * from Prewikka_Session WHERE userid=\'%s\'' %
user.id)
assert query.getRowCount() == 1
assert session_id_1 not in query.toString()
assert session_id_2 not in query.toString()
assert session_id_3 in query.toString()
clean_sessions()
def test_session_db_get():
"""
Test `prewikka.session.session.SessionDatabase.get_session` method.
"""
session_database = SessionDatabase()
user = User('anonymous')
session_id = create_session(user)
query = env.db.query(
'SELECT * from Prewikka_Session WHERE sessionid=\'%s\'' % session_id)
assert query.getRowCount() == 1
username, time_ = session_database.get_session(session_id)
assert username == user.name
assert datetime.datetime.utcfromtimestamp(time_).strftime(
'%Y-%m-%d %H:%M:%S') in query.toString()
# wrong session_id: fail
with pytest.raises(Exception):
fake_session_id = 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'
session_database.get_session(fake_session_id)
clean_sessions()
def test_user():
"""
Test `prewikka.usergroup.User` class.
"""
with pytest.raises(Exception):
User()
user1 = User(login='******')
user2 = User(login='******')
user1.create()
assert user1 != user2
assert user1.name == 'foo'
assert user1 == User(userid=user1.id)
# set permissions (not implemented)
with pytest.raises(NotImplementedError):
user1.permissions = 'perm1'
user1._permissions = 'perm2'
# set_locale()
user1.set_locale()
backup_locale = env.config.general.default_locale
env.config.general.default_locale = None
user1.set_locale()
env.config.general.default_locale = backup_locale
# set_property()
user1.set_property('key1', '1')
user1.set_property('key2', '2', '/agents/agents')
# get_property()
assert user1.get_property('key1') == '1'
assert user1.get_property('key2', '/agents/agents') == '2'
assert user1.get_property('key3', '/agents/agents', '3') == '3'
# del_property()
user1.del_property(None)
user1.del_property('key1')
assert not user1.get_property('key1')
user1.del_property(None, '/agents/agents')
user1.del_property('key2', '/agents/agents')
assert not user1.get_property('key2')
# del_properties()
user1.set_property('key4', '4', '/agents/agents')
assert user1.get_property('key4', '/agents/agents') == '4'
user1.set_property('key5', '5', '/agents/agents')
assert user1.get_property('key5', '/agents/agents') == '5'
user1.del_properties('/agents/agents')
assert not user1.get_property('key4', '/agents/agents')
assert not user1.get_property('key5', '/agents/agents')
# del_property_match()
user1.set_property('key6', '6')
assert user1.get_property('key6') == '6'
user1.del_property_match('key6')
user1.set_property('key7', '7', '/agents/agents')
assert user1.get_property('key7', '/agents/agents') == '7'
user1.del_property_match('key7', '/agents/agents')
user1.set_property('key8', '8', '/agents/agents')
user1.del_property_match('key999', '/agents/agents')
user1.del_property_match('key9', '/agents/list')
# get_property_fail()
with pytest.raises(KeyError):
user1.get_property_fail('key10', '10')
user1.set_property('key11', '11')
# sync_properties()
user1.sync_properties()
# has()
assert not user1.has(['foo'])
assert not user1.has(('foo',))
assert not user1.has(set('foo'))
assert not user1.has('foo')
# check()
with pytest.raises(PermissionDeniedError):
user1.check('perm1')
with pytest.raises(PermissionDeniedError):
user1.check('perm1', '/agents/agents')
user1.delete()
def test_session():
"""
Test `prewikka.session.session.Session` class.
"""
session_config = ConfigSection("")
session_config.expiration = 60 # 1 hour
create_session(env.request.user, session_id=TEST_SESSION_ID)
req = deepcopy(env.request.web)
# __init__()
session = Session(session_config)
# get_user()
user_from_session = session.get_user(req)
assert env.request.user == user_from_session
# get_user() with old (but valid) cookie
clean_sessions()
create_session(env.request.user,
time_=time.time() - 3600,
session_id=TEST_SESSION_ID)
user_from_session = session.get_user(req)
assert env.request.user == user_from_session
# get_user() with invalid session (empty cookie)
with pytest.raises(SessionInvalid):
req = deepcopy(env.request.web)
req.input_cookie = {}
session.get_user(req)
# get_user() with expired session (AJAX request)
with pytest.raises(SessionExpired):
req = deepcopy(env.request.web)
req.input_cookie = {}
req.is_xhr = True
session.get_user(req)
# get_user() with invalid session (bad session_id)
with pytest.raises(SessionInvalid):
req = deepcopy(env.request.web)
req.input_cookie['sessionid'] = cookies.Morsel()
req.input_cookie['sessionid'].value = 'invalid'
session.get_user(req)
# get_user() with expired session (cookie expired)
with pytest.raises(SessionExpired):
clean_sessions()
req = deepcopy(env.request.web)
create_session(env.request.user,
time_=time.time() - 3600 * 24,
session_id=TEST_SESSION_ID)
session = Session(session_config)
session.get_user(req)
# get_user() with invalid user
backup_user = env.request.user
with pytest.raises(SessionInvalid):
req = deepcopy(env.request.web)
env.request.user = User('test')
session.get_user(req)
env.request.user = backup_user
# get_user() with changed backend
backup_auth = env.auth
with pytest.raises(SessionInvalid):
req = deepcopy(env.request.web)
clean_sessions()
create_session(env.request.user, session_id=TEST_SESSION_ID)
env.auth = FakeAuthBackend(ConfigSection(""))
session.get_user(req)
env.auth = backup_auth
# logout()
with pytest.raises(SessionInvalid):
clean_sessions()
create_session(env.request.user, session_id=TEST_SESSION_ID)
session = Session(session_config)
req = deepcopy(env.request.web)
session.logout(req)
# can_logout()
assert session.can_logout()
clean_sessions()
def test_session_db_delete():
"""
Test `prewikka.session.session.SessionDatabase.delete_session` method.
"""
session_database = SessionDatabase()
user = User('anonymous')
# delete 1 session based on sessionid
session_id = create_session(user)
query = env.db.query(
'SELECT * from Prewikka_Session WHERE sessionid=\'%s\'' % session_id)
assert query.getRowCount() == 1
session_database.delete_session(sessionid=session_id)
query = env.db.query(
'SELECT * from Prewikka_Session WHERE sessionid=\'%s\'' % session_id)
assert query.getRowCount() == 0
# delete 1 session based on userid
session_id = create_session(user)
query = env.db.query('SELECT * from Prewikka_Session WHERE userid=\'%s\'' %
user.id)
assert session_id in query.toString()
assert query.getRowCount() == 1
session_database.delete_session(user=user)
query = env.db.query('SELECT * from Prewikka_Session WHERE userid=\'%s\'' %
user.id)
assert query.getRowCount() == 0
# delete multiple sessions based on userid
session_id_1 = create_session(user)
session_id_2 = create_session(user)
session_id_3 = create_session(user)
query = env.db.query('SELECT * from Prewikka_Session WHERE userid=\'%s\'' %
user.id)
assert session_id_1 in query.toString()
assert session_id_2 in query.toString()
assert session_id_3 in query.toString()
assert query.getRowCount() == 3
session_database.delete_session(user=user)
query = env.db.query('SELECT * from Prewikka_Session WHERE userid=\'%s\'' %
user.id)
assert query.getRowCount() == 0
clean_sessions()
# delete session based on invalid sessionid: nothing happening
create_session(user)
query = env.db.query('SELECT * from Prewikka_Session WHERE userid=\'%s\'' %
user.id)
assert query.getRowCount() == 1
fake_session_id = 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'
session_database.delete_session(sessionid=fake_session_id)
query = env.db.query('SELECT * from Prewikka_Session WHERE userid=\'%s\'' %
user.id)
assert query.getRowCount() == 1
# delete session based on invalid userid: nothing happening
fake_user = User('fake')
query = env.db.query('SELECT * from Prewikka_Session WHERE userid=\'%s\'' %
fake_user.id)
assert query.getRowCount() == 0
session_database.delete_session(user=fake_user)
query = env.db.query('SELECT * from Prewikka_Session WHERE userid=\'%s\'' %
user.id)
assert query.getRowCount() == 1
query = env.db.query('SELECT * from Prewikka_Session WHERE userid=\'%s\'' %
fake_user.id)
assert query.getRowCount() == 0
# delete session with both userid and sessionid: fail
with pytest.raises(Exception):
fake_session_id = 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'
fake_user_id = 'bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb'
session_database.delete_session(sessionid=fake_session_id,
user=fake_user_id)
# delete session without userid and sessionid: nothing
session_database.delete_session(sessionid=None, user=None)
clean_sessions()
def test_auth():
"""
Test `prewikka.auth.auth.Auth` class.
"""
auth = Auth(ConfigSection(None))
user = User('john')
group = Group('grp')
# _AuthUser()
assert not auth.can_create_user()
assert not auth.can_delete_user()
assert not auth.can_set_password()
assert not auth.can_manage_permissions()
assert not auth.get_user_list()
assert not auth.get_user_list('foo')
assert not auth.get_user_by_id(user.id)
auth.create_user(user)
assert auth.get_user_by_id(user.id)
auth.delete_user(user)
assert not auth.get_user_by_id(user.id)
with pytest.raises(NotImplementedError):
auth.has_user(user)
assert not auth.get_user_permissions(user)
assert not auth.get_user_permissions(user, True)
assert not auth.get_user_permissions_from_groups(user)
with pytest.raises(NotImplementedError):
auth.set_user_permissions(user, ['FAKE_PERM'])
# _AuthGroup
assert not auth.can_create_group()
assert not auth.can_delete_group()
assert not auth.can_manage_group_members()
assert not auth.can_manage_group_permissions()
assert not auth.get_group_list()
assert not auth.get_group_list('foo')
assert not auth.get_group_by_id(group.id)
auth.create_group(group)
assert auth.get_group_by_id(group.id)
auth.delete_group(group)
assert not auth.get_group_by_id(group.id)
with pytest.raises(NotImplementedError):
auth.set_group_permissions(group, ['FAKE_PERM'])
assert not auth.get_group_permissions(group)
with pytest.raises(NotImplementedError):
auth.set_group_members(group, [user])
assert not auth.get_group_members(group)
with pytest.raises(NotImplementedError):
auth.set_member_of(user, [group])
assert not auth.get_member_of(user)
with pytest.raises(NotImplementedError):
auth.is_member_of(group, user)
with pytest.raises(NotImplementedError):
auth.has_group(group)