def setUp(self):
super().setUp()
self.session_data = SessionData(tx_id='tx_id',
eq_id='eq_id',
form_type='form_type',
period_str='period_str',
language_code=None,
survey_url=None,
ru_name='ru_name',
ru_ref='ru_ref',
case_id='case_id')
self.session_store = SessionStore('user_ik', 'pepper', 'eq_session_id')
def setUp(self):
super().setUp()
self.session_data = SessionData(tx_id='tx_id',
eq_id='eq_id',
form_type='form_type',
period_str='period_str',
language_code=None,
survey_url=None,
ru_name='ru_name',
ru_ref='ru_ref',
case_id='case_id')
self.session_store = SessionStore('user_ik', 'pepper', 'eq_session_id')
self.expires_at = datetime.now(tzutc()) + timedelta(seconds=5)
def setUp(self):
super().setUp()
self._app.permanent_session_lifetime = timedelta(seconds=1)
self.session_store = SessionStore('user_ik', 'pepper')
self.session_data = SessionData(
tx_id='tx_id',
eq_id='eq_id',
form_type='form_type',
period_str='period_str',
language_code=None,
survey_url=None,
ru_name='ru_name',
ru_ref='ru_ref'
)
def test_session_store_ignores_multiple_new_values_in_session_data(self):
session_data = SessionData(
tx_id="tx_id",
schema_name="some_schema_name",
period_str="period_str",
language_code=None,
survey_url=None,
ru_name="ru_name",
ru_ref="ru_ref",
response_id="response_id",
questionnaire_id="questionnaire_id",
case_id="case_id",
)
session_data.additional_value = "some cool new value you do not know about yet"
session_data.second_additional_value = "some other not so cool value"
with self._app.test_request_context():
self.session_store.create("eq_session_id", "test", session_data,
self.expires_at).save()
session_store = SessionStore("user_ik", "pepper", "eq_session_id")
self.assertFalse(
hasattr(session_store.session_data, "additional_value"))
self.assertFalse(
hasattr(session_store.session_data, "second_additional_value"))
def setUp(self):
super().setUp()
self.session_data = SessionData(
tx_id="tx_id",
schema_name="some_schema_name",
response_id="response_id",
period_str="period_str",
language_code=None,
survey_url=None,
ru_name="ru_name",
ru_ref="ru_ref",
case_id="case_id",
questionnaire_id="questionnaire_id",
)
self.session_store = SessionStore("user_ik", "pepper", "eq_session_id")
self.expires_at = datetime.now(tzutc()) + timedelta(seconds=5)
def test_save(self):
with self._app.test_request_context():
self.session_store.create("eq_session_id", "test",
self.session_data,
self.expires_at).save()
session_store = SessionStore("user_ik", "pepper", "eq_session_id")
self.assertEqual(session_store.session_data.tx_id, "tx_id")
def test_save(self):
with self._app.test_request_context():
self.session_store.create('eq_session_id', 'test',
self.session_data,
self.expires_at).save()
session_store = SessionStore('user_ik', 'pepper', 'eq_session_id')
self.assertEqual(session_store.session_data.tx_id, 'tx_id')
def test_session_store_reads_data_saved_with_trading_as_but_read_not_expecting_trading_as(self):
"""This test simulates the case where a session is created using a new session store that holds trading as
but this gets read in an old session that does NOT support trading as """
original_loads_func = simplejson.loads
class OldSessionData:
"""class representing what old sessions expect ( no trading as) """
def __init__(self,
tx_id,
eq_id,
form_type,
period_str,
language_code,
survey_url,
ru_name,
ru_ref,
case_id=None,
case_ref=None,
account_service_url=None,
submitted_time=None,
**_):
self.tx_id = tx_id
self.eq_id = eq_id
self.form_type = form_type
self.period_str = period_str
self.language_code = language_code
self.survey_url = survey_url
self.ru_name = ru_name
self.ru_ref = ru_ref
self.submitted_time = submitted_time
self.case_id = case_id
self.case_ref = case_ref
self.account_service_url = account_service_url
def old_json_loader(raw, object_hook): # pylint: disable=unused-argument
"""replacement for json.loads to decode to old format ( no trading as) """
old_data = original_loads_func(raw, object_hook=lambda d: OldSessionData(**d)) # call json.loads ,hook pointing to an old class
return old_data
session_data = SessionData(
tx_id='tx_id',
eq_id='eq_id',
form_type='form_type',
period_str='period_str',
language_code=None,
survey_url=None,
ru_name='ru_name',
ru_ref='ru_ref',
trad_as='trading_as_name'
)
with self._app.test_request_context():
with patch('app.data_model.session_store.json.loads', old_json_loader): # patch json.loads to use old_json_loader above
self.session_store.create('eq_session_id', 'test', session_data).save()
session_store = SessionStore('user_ik', 'pepper', 'eq_session_id')
self.assertFalse(hasattr(session_store.session_data, 'trad_as'))
def test_legacy_load(self):
self._save_session(self.session_id,
self.user_id,
self.session_data,
legacy=True)
session_store = SessionStore(self.user_ik, self.pepper,
self.session_id)
self.assertEqual(session_store.session_data.tx_id,
self.session_data.tx_id)
def create_session_store(eq_session_id, user_id, user_ik, session_data):
from app.data_model.session_store import SessionStore
# pylint: disable=W0212
pepper = current_app.eq['secret_store'].get_secret_by_name(
'EQ_SERVER_SIDE_STORAGE_ENCRYPTION_USER_PEPPER')
g._session_store = SessionStore(user_ik,
pepper).create(eq_session_id, user_id,
session_data).save()
def test_add_data_to_session(self):
with self._app.test_request_context():
self.session_store.create('eq_session_id', 'test', self.session_data, self.expires_at).save()
current_time = datetime.utcnow().isoformat()
self.session_store.session_data.submitted_time = current_time
self.session_store.save()
session_store = SessionStore('user_ik', 'pepper', 'eq_session_id')
self.assertEqual(session_store.session_data.submitted_time, current_time)
def create_session_store(eq_session_id, user_id, user_ik, session_data):
from app.data_model.session_store import SessionStore
pepper = current_app.eq["secret_store"].get_secret_by_name(
"EQ_SERVER_SIDE_STORAGE_ENCRYPTION_USER_PEPPER")
session_timeout_in_seconds = get_session_timeout_in_seconds(g.schema)
expires_at = datetime.now(tz=tzutc()) + timedelta(
seconds=session_timeout_in_seconds)
# pylint: disable=W0212
g._session_store = (SessionStore(user_ik,
pepper).create(eq_session_id, user_id,
session_data,
expires_at).save())
def get_session_store():
from app.data_model.session_store import SessionStore
if USER_IK not in cookie_session or EQ_SESSION_ID not in cookie_session:
return None
# Sets up a single SessionStore instance per request.
store = g.get('_session_store')
if store is None:
pepper = current_app.eq['secret_store'].get_secret_by_name('EQ_SERVER_SIDE_STORAGE_ENCRYPTION_USER_PEPPER')
store = g._session_store = SessionStore(cookie_session[USER_IK], pepper, cookie_session[EQ_SESSION_ID])
return store
def test_session_store_stores_none_for_trading_as_if_not_present(self):
session_data = SessionData(tx_id='tx_id',
eq_id='eq_id',
form_type='form_type',
period_str='period_str',
language_code=None,
survey_url=None,
ru_name='ru_name',
ru_ref='ru_ref',
case_id='case_id')
with self._app.test_request_context():
self.session_store.create('eq_session_id', 'test',
session_data).save()
session_store = SessionStore('user_ik', 'pepper', 'eq_session_id')
self.assertIsNone(session_store.session_data.trad_as)
def test_session_store_reads_data_saved_without_trading_as_but_read_expecting_trading_as(self):
old_session_data = SessionData(
tx_id='tx_id',
eq_id='eq_id',
form_type='form_type',
period_str='period_str',
language_code=None,
survey_url=None,
ru_name='ru_name',
ru_ref='ru_ref'
)
delattr(old_session_data, 'trad_as') # Make class look like old style class
with self._app.test_request_context():
self.session_store.create('eq_session_id', 'test', old_session_data).save()
session_store = SessionStore('user_ik', 'pepper', 'eq_session_id')
self.assertIsNone(session_store.session_data.trad_as)
def test_session_store_stores_trading_as_value_if_present(self):
session_data = SessionData(tx_id='tx_id',
eq_id='eq_id',
form_type='form_type',
period_str='period_str',
language_code=None,
survey_url=None,
ru_name='ru_name',
ru_ref='ru_ref',
trad_as='trading_as',
case_id='case_id')
with self._app.test_request_context():
self.session_store.create('eq_session_id', 'test', session_data,
self.expires_at).save()
session_store = SessionStore('user_ik', 'pepper', 'eq_session_id')
self.assertTrue(hasattr(session_store.session_data, 'trad_as'))
def test_session_store_ignores_new_values_in_session_data(self):
session_data = SessionData(
tx_id='tx_id',
eq_id='eq_id',
form_type='form_type',
period_str='period_str',
language_code=None,
survey_url=None,
ru_name='ru_name',
ru_ref='ru_ref'
)
session_data.additional_value = 'some cool new value you do not know about yet'
with self._app.test_request_context():
self.session_store.create('eq_session_id', 'test', session_data).save()
session_store = SessionStore('user_ik', 'pepper', 'eq_session_id')
self.assertFalse(hasattr(session_store.session_data, 'additional_value'))
def test_session_store_stores_none_for_trading_as_if_not_present(self):
session_data = SessionData(
tx_id="tx_id",
schema_name="some_schema_name",
period_str="period_str",
language_code=None,
survey_url=None,
ru_name="ru_name",
ru_ref="ru_ref",
response_id="response_id",
questionnaire_id="questionnaire_id",
case_id="case_id",
)
with self._app.test_request_context():
self.session_store.create("eq_session_id", "test", session_data,
self.expires_at).save()
session_store = SessionStore("user_ik", "pepper", "eq_session_id")
self.assertIsNone(session_store.session_data.trad_as)
class TestAuthenticator(AppContextTestCase): # pylint: disable=too-many-public-methods
def setUp(self):
super().setUp()
self.session_data = SessionData(tx_id='tx_id',
eq_id='eq_id',
form_type='form_type',
period_str='period_str',
language_code=None,
survey_url=None,
ru_name='ru_name',
ru_ref='ru_ref',
case_id='case_id')
self.session_store = SessionStore('user_ik', 'pepper', 'eq_session_id')
self.expires_at = datetime.now(tzutc()) + timedelta(seconds=5)
def test_check_session_with_user_id_in_session(self):
with self.app_request_context('/status'):
with patch('app.authentication.authenticator.get_session_store',
return_value=self.session_store):
# Given
self.session_store.create('eq_session_id', 'user_id',
self.session_data, self.expires_at)
cookie_session[USER_IK] = 'user_ik'
# When
user = load_user()
# Then
self.assertEqual(user.user_id, 'user_id')
self.assertEqual(user.user_ik, 'user_ik')
def test_check_session_with_no_user_id_in_session(self):
with self.app_request_context('/status'):
with patch('app.authentication.authenticator.get_session_store',
return_value=None):
# When
user = load_user()
# Then
self.assertIsNone(user)
def test_load_user(self):
with self.app_request_context('/status'):
with patch('app.authentication.authenticator.get_session_store',
return_value=self.session_store):
# Given
self.session_store.create('eq_session_id', 'user_id',
self.session_data, self.expires_at)
cookie_session[USER_IK] = 'user_ik'
# When
user = user_loader(None)
# Then
self.assertEqual(user.user_id, 'user_id')
self.assertEqual(user.user_ik, 'user_ik')
def test_request_load_user(self):
with self.app_request_context('/status'):
with patch('app.authentication.authenticator.get_session_store',
return_value=self.session_store):
# Given
self.session_store.create('eq_session_id', 'user_id',
self.session_data, self.expires_at)
cookie_session[USER_IK] = 'user_ik'
# When
user = request_load_user(None)
# Then
self.assertEqual(user.user_id, 'user_id')
self.assertEqual(user.user_ik, 'user_ik')
def test_no_user_when_session_has_expired(self):
with self.app_request_context('/status'):
with patch('app.authentication.authenticator.get_session_store',
return_value=self.session_store):
# Given
self.session_store.create('eq_session_id',
'user_id',
self.session_data,
expires_at=datetime.now(tzutc()))
cookie_session[USER_IK] = 'user_ik'
# When
user = user_loader(None)
# Then
self.assertIsNone(user)
self.assertIsNone(cookie_session.get(USER_IK))
def test_valid_user_extends_session_expiry(self):
with self.app_request_context('/status'):
with patch('app.authentication.authenticator.get_session_store',
return_value=self.session_store):
# Given
self.session_store.create('eq_session_id', 'user_id',
self.session_data, self.expires_at)
cookie_session[USER_IK] = 'user_ik'
cookie_session['expires_in'] = 5
# When
user = user_loader(None)
# Then
self.assertEqual(user.user_id, 'user_id')
self.assertEqual(user.user_ik, 'user_ik')
self.assertEqual(user.is_authenticated, True)
self.assertGreater(self.session_store.expiration_time,
self.expires_at)
def test_session_still_valid_without_expiration_time(self):
with self.app_request_context('/status'):
with patch('app.authentication.authenticator.get_session_store',
return_value=self.session_store):
# Given
self.session_store.create(
'eq_session_id', 'user_id',
self.session_data) # expires_at = None
cookie_session[USER_IK] = 'user_ik'
# When
user = user_loader(None)
# Then
self.assertEqual(user.user_id, 'user_id')
self.assertEqual(user.user_ik, 'user_ik')
self.assertEqual(user.is_authenticated, True)
self.assertIsNone(self.session_store.expiration_time)
class TestAuthenticator(AppContextTestCase): # pylint: disable=too-many-public-methods
def setUp(self):
super().setUp()
self.session_data = SessionData(
tx_id="tx_id",
schema_name="some_schema_name",
response_id="response_id",
period_str="period_str",
language_code=None,
survey_url=None,
ru_name="ru_name",
ru_ref="ru_ref",
case_id="case_id",
questionnaire_id="questionnaire_id",
)
self.session_store = SessionStore("user_ik", "pepper", "eq_session_id")
self.expires_at = datetime.now(tzutc()) + timedelta(seconds=5)
def test_check_session_with_user_id_in_session(self):
with self.app_request_context("/status"):
with patch(
"app.authentication.authenticator.get_session_store",
return_value=self.session_store,
):
# Given
self.session_store.create("eq_session_id", "user_id",
self.session_data, self.expires_at)
cookie_session[USER_IK] = "user_ik"
# When
user = load_user()
# Then
self.assertEqual(user.user_id, "user_id")
self.assertEqual(user.user_ik, "user_ik")
def test_check_session_with_no_user_id_in_session(self):
with self.app_request_context("/status"):
with patch("app.authentication.authenticator.get_session_store",
return_value=None):
# When
user = load_user()
# Then
self.assertIsNone(user)
def test_load_user(self):
with self.app_request_context("/status"):
with patch(
"app.authentication.authenticator.get_session_store",
return_value=self.session_store,
):
# Given
self.session_store.create("eq_session_id", "user_id",
self.session_data, self.expires_at)
cookie_session[USER_IK] = "user_ik"
# When
user = user_loader(None)
# Then
self.assertEqual(user.user_id, "user_id")
self.assertEqual(user.user_ik, "user_ik")
def test_request_load_user(self):
with self.app_request_context("/status"):
with patch(
"app.authentication.authenticator.get_session_store",
return_value=self.session_store,
):
# Given
self.session_store.create("eq_session_id", "user_id",
self.session_data, self.expires_at)
cookie_session[USER_IK] = "user_ik"
# When
user = request_load_user(None)
# Then
self.assertEqual(user.user_id, "user_id")
self.assertEqual(user.user_ik, "user_ik")
def test_no_user_when_session_has_expired(self):
with self.app_request_context("/status"):
with patch(
"app.authentication.authenticator.get_session_store",
return_value=self.session_store,
):
# Given
self.session_store.create(
"eq_session_id",
"user_id",
self.session_data,
expires_at=datetime.now(tzutc()),
)
cookie_session[USER_IK] = "user_ik"
# When
user = user_loader(None)
# Then
self.assertIsNone(user)
self.assertIsNone(cookie_session.get(USER_IK))
def test_valid_user_does_not_extend_session_expiry_when_expiry_less_than_60_seconds_different(
self):
with self.app_request_context("/status"):
with patch(
"app.authentication.authenticator.get_session_store",
return_value=self.session_store,
):
# Given
self.session_store.create("eq_session_id", "user_id",
self.session_data, self.expires_at)
cookie_session[USER_IK] = "user_ik"
cookie_session["expires_in"] = 5
# When
user = user_loader(None)
# Then
self.assertEqual(user.user_id, "user_id")
self.assertEqual(user.user_ik, "user_ik")
self.assertEqual(user.is_authenticated, True)
self.assertEqual(self.session_store.expiration_time,
self.expires_at)
def test_valid_user_extends_session_expiry_when_expiry_greater_than_60_seconds_different(
self):
with self.app_request_context("/status"):
with patch(
"app.authentication.authenticator.get_session_store",
return_value=self.session_store,
):
# Given
self.session_store.create("eq_session_id", "user_id",
self.session_data, self.expires_at)
cookie_session[USER_IK] = "user_ik"
cookie_session["expires_in"] = 600
# When
user = user_loader(None)
# Then
self.assertEqual(user.user_id, "user_id")
self.assertEqual(user.user_ik, "user_ik")
self.assertEqual(user.is_authenticated, True)
self.assertGreater(self.session_store.expiration_time,
self.expires_at)
def test_session_still_valid_without_expiration_time(self):
with self.app_request_context("/status"):
with patch(
"app.authentication.authenticator.get_session_store",
return_value=self.session_store,
):
# Given
self.session_store.create(
"eq_session_id", "user_id",
self.session_data) # expires_at = None
cookie_session[USER_IK] = "user_ik"
# When
user = user_loader(None)
# Then
self.assertEqual(user.user_id, "user_id")
self.assertEqual(user.user_ik, "user_ik")
self.assertEqual(user.is_authenticated, True)
self.assertIsNone(self.session_store.expiration_time)
def test_load(self):
session_store = SessionStore(self.user_ik, self.pepper,
self.session_id)
self.assertEqual(session_store.session_data.tx_id,
self.session_data.tx_id)
class SessionStoreTest(AppContextTestCase):
def setUp(self):
super().setUp()
self._app.permanent_session_lifetime = timedelta(seconds=1)
self.session_store = SessionStore("user_ik", "pepper")
self.expires_at = datetime.utcnow() + timedelta(seconds=1)
self.session_data = SessionData(
tx_id="tx_id",
schema_name="some_schema_name",
period_str="period_str",
language_code=None,
survey_url=None,
ru_name="ru_name",
ru_ref="ru_ref",
questionnaire_id="questionnaire_id",
response_id="response_id",
case_id="case_id",
)
def test_no_session(self):
with self._app.test_request_context():
self.assertIsNone(self.session_store.user_id)
self.assertIsNone(self.session_store.session_data)
def test_create(self):
with self._app.test_request_context():
self.session_store.create("eq_session_id", "test",
self.session_data, self.expires_at)
self.assertEqual("eq_session_id", self.session_store.eq_session_id)
self.assertEqual("test", self.session_store.user_id)
self.assertEqual(self.session_data,
self.session_store.session_data)
def test_save(self):
with self._app.test_request_context():
self.session_store.create("eq_session_id", "test",
self.session_data,
self.expires_at).save()
session_store = SessionStore("user_ik", "pepper", "eq_session_id")
self.assertEqual(session_store.session_data.tx_id, "tx_id")
def test_delete(self):
with self._app.test_request_context():
self.session_store.create("eq_session_id", "test",
self.session_data,
self.expires_at).save()
self.assertEqual("test", self.session_store.user_id)
self.session_store.delete()
self.assertEqual(self.session_store.user_id, None)
def test_create_save_delete_with_no_expiry(self):
with self._app.test_request_context():
self.session_store.create("eq_session_id", "test",
self.session_data).save()
self.assertEqual("eq_session_id", self.session_store.eq_session_id)
self.assertEqual("test", self.session_store.user_id)
self.assertEqual(self.session_data,
self.session_store.session_data)
self.assertIsNone(self.session_store.expiration_time)
self.session_store.delete()
self.assertEqual(self.session_store.user_id, None)
def test_add_data_to_session(self):
with self._app.test_request_context():
self.session_store.create("eq_session_id", "test",
self.session_data,
self.expires_at).save()
current_time = datetime.utcnow().isoformat()
self.session_store.session_data.submitted_time = current_time
self.session_store.save()
session_store = SessionStore("user_ik", "pepper", "eq_session_id")
self.assertEqual(session_store.session_data.submitted_time,
current_time)
def test_should_not_delete_when_no_session(self):
with self.app_request_context("/status") as context:
# Call clear with a valid user_id but no session in database
self.session_store.delete()
# No database calls should have been made
self.assertEqual(
context.app.eq["storage"].client.delete_call_count, 0)
def test_session_store_ignores_new_values_in_session_data(self):
session_data = SessionData(
tx_id="tx_id",
schema_name="some_schema_name",
period_str="period_str",
language_code=None,
survey_url=None,
ru_name="ru_name",
ru_ref="ru_ref",
response_id="response_id",
questionnaire_id="questionnaire_id",
case_id="case_id",
)
session_data.additional_value = "some cool new value you do not know about yet"
with self._app.test_request_context():
self.session_store.create("eq_session_id", "test", session_data,
self.expires_at).save()
session_store = SessionStore("user_ik", "pepper", "eq_session_id")
self.assertFalse(
hasattr(session_store.session_data, "additional_value"))
def test_session_store_ignores_multiple_new_values_in_session_data(self):
session_data = SessionData(
tx_id="tx_id",
schema_name="some_schema_name",
period_str="period_str",
language_code=None,
survey_url=None,
ru_name="ru_name",
ru_ref="ru_ref",
response_id="response_id",
questionnaire_id="questionnaire_id",
case_id="case_id",
)
session_data.additional_value = "some cool new value you do not know about yet"
session_data.second_additional_value = "some other not so cool value"
with self._app.test_request_context():
self.session_store.create("eq_session_id", "test", session_data,
self.expires_at).save()
session_store = SessionStore("user_ik", "pepper", "eq_session_id")
self.assertFalse(
hasattr(session_store.session_data, "additional_value"))
self.assertFalse(
hasattr(session_store.session_data, "second_additional_value"))
def test_session_store_stores_trading_as_value_if_present(self):
session_data = SessionData(
tx_id="tx_id",
schema_name="some_schema_name",
period_str="period_str",
language_code=None,
survey_url=None,
ru_name="ru_name",
ru_ref="ru_ref",
response_id="response_id",
questionnaire_id="questionnaire_id",
trad_as="trading_as",
case_id="case_id",
)
with self._app.test_request_context():
self.session_store.create("eq_session_id", "test", session_data,
self.expires_at).save()
session_store = SessionStore("user_ik", "pepper", "eq_session_id")
self.assertTrue(hasattr(session_store.session_data, "trad_as"))
def test_session_store_stores_none_for_trading_as_if_not_present(self):
session_data = SessionData(
tx_id="tx_id",
schema_name="some_schema_name",
period_str="period_str",
language_code=None,
survey_url=None,
ru_name="ru_name",
ru_ref="ru_ref",
response_id="response_id",
questionnaire_id="questionnaire_id",
case_id="case_id",
)
with self._app.test_request_context():
self.session_store.create("eq_session_id", "test", session_data,
self.expires_at).save()
session_store = SessionStore("user_ik", "pepper", "eq_session_id")
self.assertIsNone(session_store.session_data.trad_as)
class SessionStoreTest(AppContextTestCase):
def setUp(self):
super().setUp()
self._app.permanent_session_lifetime = timedelta(seconds=1)
self.session_store = SessionStore('user_ik', 'pepper')
self.session_data = SessionData(tx_id='tx_id',
eq_id='eq_id',
form_type='form_type',
period_str='period_str',
language_code=None,
survey_url=None,
ru_name='ru_name',
ru_ref='ru_ref',
case_id='case_id')
def test_no_session(self):
with self._app.test_request_context():
self.assertIsNone(self.session_store.user_id)
self.assertIsNone(self.session_store.session_data)
def test_create(self):
with self._app.test_request_context():
self.session_store.create('eq_session_id', 'test',
self.session_data)
self.assertEqual('eq_session_id', self.session_store.eq_session_id)
self.assertEqual('test', self.session_store.user_id)
self.assertEqual(self.session_data,
self.session_store.session_data)
def test_save(self):
with self._app.test_request_context():
self.session_store.create('eq_session_id', 'test',
self.session_data).save()
session_store = SessionStore('user_ik', 'pepper', 'eq_session_id')
self.assertEqual(session_store.session_data.tx_id, 'tx_id')
def test_delete(self):
with self._app.test_request_context():
self.session_store.create('eq_session_id', 'test',
self.session_data).save()
self.assertEqual('test', self.session_store.user_id)
self.session_store.delete()
self.assertEqual(self.session_store.user_id, None)
def test_add_data_to_session(self):
with self._app.test_request_context():
self.session_store.create('eq_session_id', 'test',
self.session_data).save()
current_time = datetime.utcnow().isoformat()
self.session_store.session_data.submitted_time = current_time
self.session_store.save()
session_store = SessionStore('user_ik', 'pepper', 'eq_session_id')
self.assertEqual(session_store.session_data.submitted_time,
current_time)
def test_should_not_delete_when_no_session(self):
with self.app_request_context('/status'):
with patch('app.data_model.models.db.session.delete') as delete:
# Call clear with a valid user_id but no session in database
self.session_store.delete()
# No database calls should have been made
self.assertFalse(delete.called)
def test_session_store_ignores_new_values_in_session_data(self):
session_data = SessionData(tx_id='tx_id',
eq_id='eq_id',
form_type='form_type',
period_str='period_str',
language_code=None,
survey_url=None,
ru_name='ru_name',
ru_ref='ru_ref',
case_id='case_id')
session_data.additional_value = 'some cool new value you do not know about yet'
with self._app.test_request_context():
self.session_store.create('eq_session_id', 'test',
session_data).save()
session_store = SessionStore('user_ik', 'pepper', 'eq_session_id')
self.assertFalse(
hasattr(session_store.session_data, 'additional_value'))
def test_session_store_ignores_multiple_new_values_in_session_data(self):
session_data = SessionData(tx_id='tx_id',
eq_id='eq_id',
form_type='form_type',
period_str='period_str',
language_code=None,
survey_url=None,
ru_name='ru_name',
ru_ref='ru_ref',
case_id='case_id')
session_data.additional_value = 'some cool new value you do not know about yet'
session_data.second_additional_value = 'some other not so cool value'
with self._app.test_request_context():
self.session_store.create('eq_session_id', 'test',
session_data).save()
session_store = SessionStore('user_ik', 'pepper', 'eq_session_id')
self.assertFalse(
hasattr(session_store.session_data, 'additional_value'))
self.assertFalse(
hasattr(session_store.session_data, 'second_additional_value'))
def test_session_store_stores_trading_as_value_if_present(self):
session_data = SessionData(tx_id='tx_id',
eq_id='eq_id',
form_type='form_type',
period_str='period_str',
language_code=None,
survey_url=None,
ru_name='ru_name',
ru_ref='ru_ref',
trad_as='trading_as',
case_id='case_id')
with self._app.test_request_context():
self.session_store.create('eq_session_id', 'test',
session_data).save()
session_store = SessionStore('user_ik', 'pepper', 'eq_session_id')
self.assertTrue(hasattr(session_store.session_data, 'trad_as'))
def test_session_store_stores_none_for_trading_as_if_not_present(self):
session_data = SessionData(tx_id='tx_id',
eq_id='eq_id',
form_type='form_type',
period_str='period_str',
language_code=None,
survey_url=None,
ru_name='ru_name',
ru_ref='ru_ref',
case_id='case_id')
with self._app.test_request_context():
self.session_store.create('eq_session_id', 'test',
session_data).save()
session_store = SessionStore('user_ik', 'pepper', 'eq_session_id')
self.assertIsNone(session_store.session_data.trad_as)
def test_session_store_reads_data_saved_without_trading_as_but_read_expecting_trading_as(
self):
old_session_data = SessionData(tx_id='tx_id',
eq_id='eq_id',
form_type='form_type',
period_str='period_str',
language_code=None,
survey_url=None,
ru_name='ru_name',
ru_ref='ru_ref',
case_id='case_id')
delattr(old_session_data,
'trad_as') # Make class look like old style class
with self._app.test_request_context():
self.session_store.create('eq_session_id', 'test',
old_session_data).save()
session_store = SessionStore('user_ik', 'pepper', 'eq_session_id')
self.assertIsNone(session_store.session_data.trad_as)
def test_session_store_reads_data_saved_with_trading_as_but_read_not_expecting_trading_as(
self):
"""This test simulates the case where a session is created using a new session store that holds trading as
but this gets read in an old session that does NOT support trading as """
original_loads_func = json.loads
class OldSessionData:
"""class representing what old sessions expect ( no trading as) """
def __init__(self,
tx_id,
eq_id,
form_type,
period_str,
language_code,
survey_url,
ru_name,
ru_ref,
case_id,
case_ref=None,
account_service_url=None,
submitted_time=None,
**_):
self.tx_id = tx_id
self.eq_id = eq_id
self.form_type = form_type
self.period_str = period_str
self.language_code = language_code
self.survey_url = survey_url
self.ru_name = ru_name
self.ru_ref = ru_ref
self.submitted_time = submitted_time
self.case_id = case_id
self.case_ref = case_ref
self.account_service_url = account_service_url
def old_json_loader(raw, object_hook): # pylint: disable=unused-argument
"""replacement for json.loads to decode to old format ( no trading as) """
old_data = original_loads_func(
raw, object_hook=lambda d: OldSessionData(
**d)) # call json.loads ,hook pointing to an old class
return old_data
session_data = SessionData(tx_id='tx_id',
eq_id='eq_id',
form_type='form_type',
period_str='period_str',
language_code=None,
survey_url=None,
ru_name='ru_name',
ru_ref='ru_ref',
trad_as='trading_as_name',
case_id='case_id')
with self._app.test_request_context():
with patch('app.data_model.session_store.json.loads',
old_json_loader
): # patch json.loads to use old_json_loader above
self.session_store.create('eq_session_id', 'test',
session_data).save()
session_store = SessionStore('user_ik', 'pepper',
'eq_session_id')
self.assertFalse(hasattr(session_store.session_data,
'trad_as'))
class TestAuthenticator(AppContextTestCase): # pylint: disable=too-many-public-methods
def setUp(self):
super().setUp()
self.session_data = SessionData(
tx_id='tx_id',
eq_id='eq_id',
form_type='form_type',
period_str='period_str',
language_code=None,
survey_url=None,
ru_name='ru_name',
ru_ref='ru_ref',
)
self.session_store = SessionStore('user_ik', 'pepper', 'eq_session_id')
def test_check_session_with_user_id_in_session(self):
with self.app_request_context('/status'):
with patch('app.authentication.authenticator.get_session_store',
return_value=self.session_store):
# Given
self.session_store.create('eq_session_id', 'user_id',
self.session_data)
session[USER_IK] = 'user_ik'
# When
user = load_user()
# Then
self.assertEqual(user.user_id, 'user_id')
self.assertEqual(user.user_ik, 'user_ik')
def test_check_session_with_no_user_id_in_session(self):
with self.app_request_context('/status'):
with patch('app.authentication.authenticator.get_session_store',
return_value=None):
# When
user = load_user()
# Then
self.assertIsNone(user)
def test_load_user(self):
with self.app_request_context('/status'):
with patch('app.authentication.authenticator.get_session_store',
return_value=self.session_store):
# Given
self.session_store.create('eq_session_id', 'user_id',
self.session_data)
session[USER_IK] = 'user_ik'
# When
user = user_loader(None)
# Then
self.assertEqual(user.user_id, 'user_id')
self.assertEqual(user.user_ik, 'user_ik')
def test_request_load_user(self):
with self.app_request_context('/status'):
with patch('app.authentication.authenticator.get_session_store',
return_value=self.session_store):
# Given
self.session_store.create('eq_session_id', 'user_id',
self.session_data)
session[USER_IK] = 'user_ik'
# When
user = request_load_user(None)
# Then
self.assertEqual(user.user_id, 'user_id')
self.assertEqual(user.user_ik, 'user_ik')
