def test_authorized_accesspage(self):
WhitelistedSession.objects.create(sessionkey="1111111111", expiry=datetime.datetime.now().replace(tzinfo=timezone.utc)+datetime.timedelta(hours=1))
request = self._get_request('/unlock?key=22222222221111111111')
resp = RestrictAccessMiddleware().process_request(request)
self.assertNotEqual(resp, None)
self.assertEqual(resp.status_code, 200)
self.assertNotEqual(resp._get_content().find(RestrictAccessMiddleware().PROTECTED_ACCESS_GRANTED_ALREADY), -1)
def test_incorrect_key(self):
AccessKey.objects.create(key="12345678901234567890", accessesLeft=1)
request = self._get_request('/unlock?key=12345111111234567111')
resp = RestrictAccessMiddleware().process_request(request)
self.assertNotEqual(resp, None)
self.assertEqual(resp.status_code, 403)
self.assertNotEqual(resp._get_content().find(RestrictAccessMiddleware().PROTECTED_INCORRECT_KEY), -1)
def test_admin_correct_key(self):
with self.settings(PROTECTED_ADMIN_KEY='99999999998888888888'):
request = self._get_request('/protect_admin?admin_key=99999999998888888888')
request.META['HTTP_HOST']="localhost:8000"
request.session.sessionkey='3333333333'
resp = RestrictAccessMiddleware().process_request(request)
self.assertNotEqual(resp._get_content().find(RestrictAccessMiddleware().PROTECTED_NEW_ACCESSKEY_CREATED.split('{')[0]), -1)
def test_unauthorized_no_session(self):
AccessKey.objects.create(key="12345678901234567890", accessesLeft=1)
WhitelistedSession.objects.create(sessionkey="111122222", expiry=datetime.datetime.now().replace(tzinfo=timezone.utc)+datetime.timedelta(hours=1))
request = self._get_request('/normalsite')
resp = RestrictAccessMiddleware().process_request(request)
self.assertNotEqual(resp, None)
self.assertEqual(resp.status_code, 403)
self.assertNotEqual(resp._get_content().find(RestrictAccessMiddleware().PROTECTED_SITE_NOT_PUBLIC_MSG), -1)
def test_no_session(self):
AccessKey.objects.create(key="12345678901234567890", accessesLeft=1)
request = self._get_request('/any')
request.session = None
resp = RestrictAccessMiddleware().process_request(request)
self.assertNotEqual(resp, None)
self.assertEqual(resp.status_code, 500)
self.assertNotEqual(resp._get_content().find(RestrictAccessMiddleware().PROTECTED_NO_SESSION), -1)
def test_incorrect_key(self):
AccessKey.objects.create(key="12345678901234567890", accessesLeft=1)
request = self._get_request('/unlock?key=12345111111234567111')
resp = RestrictAccessMiddleware().process_request(request)
self.assertNotEqual(resp, None)
self.assertEqual(resp.status_code, 403)
self.assertNotEqual(
resp._get_content().find(
RestrictAccessMiddleware().PROTECTED_INCORRECT_KEY), -1)
def test_correct_key(self):
AccessKey.objects.create(key="12345678901234567890", accessesLeft=1)
request = self._get_request('/unlock?key=12345678901234567890')
resp = RestrictAccessMiddleware().process_request(request)
self.assertEqual(resp.status_code, 200)
self.assertNotEqual(
resp._get_content().find(
RestrictAccessMiddleware().PROTECTED_ACCESS_GRANTED.split(
'{')[0]), -1)
def test_no_session(self):
AccessKey.objects.create(key="12345678901234567890", accessesLeft=1)
request = self._get_request('/any')
request.session = None
resp = RestrictAccessMiddleware().process_request(request)
self.assertNotEqual(resp, None)
self.assertEqual(resp.status_code, 500)
self.assertNotEqual(
resp._get_content().find(
RestrictAccessMiddleware().PROTECTED_NO_SESSION), -1)
def test_admin_correct_key(self):
with self.settings(PROTECTED_ADMIN_KEY='99999999998888888888'):
request = self._get_request(
'/protect_admin?admin_key=99999999998888888888')
request.META['HTTP_HOST'] = "localhost:8000"
request.session.sessionkey = '3333333333'
resp = RestrictAccessMiddleware().process_request(request)
self.assertNotEqual(
resp._get_content().find(RestrictAccessMiddleware(
).PROTECTED_NEW_ACCESSKEY_CREATED.split('{')[0]), -1)
def test_admin_unauthorized(self):
with self.settings(PROTECTED_ADMIN_KEY='99999999998888888888'):
request = self._get_request(
'/protect_admin?admin_key=22222111112222211111')
request.session.sessionkey = '3333333333'
resp = RestrictAccessMiddleware().process_request(request)
self.assertNotEqual(
resp._get_content().find(
RestrictAccessMiddleware().PROTECTED_INCORRECT_ADMIN_KEY),
-1)
def test_authorized_accesspage(self):
WhitelistedSession.objects.create(
sessionkey="1111111111",
expiry=datetime.datetime.now().replace(tzinfo=timezone.utc) +
datetime.timedelta(hours=1))
request = self._get_request('/unlock?key=22222222221111111111')
resp = RestrictAccessMiddleware().process_request(request)
self.assertNotEqual(resp, None)
self.assertEqual(resp.status_code, 200)
self.assertNotEqual(
resp._get_content().find(
RestrictAccessMiddleware().PROTECTED_ACCESS_GRANTED_ALREADY),
-1)
def test_unauthorized_no_session(self):
AccessKey.objects.create(key="12345678901234567890", accessesLeft=1)
WhitelistedSession.objects.create(
sessionkey="111122222",
expiry=datetime.datetime.now().replace(tzinfo=timezone.utc) +
datetime.timedelta(hours=1))
request = self._get_request('/normalsite')
resp = RestrictAccessMiddleware().process_request(request)
self.assertNotEqual(resp, None)
self.assertEqual(resp.status_code, 403)
self.assertNotEqual(
resp._get_content().find(
RestrictAccessMiddleware().PROTECTED_SITE_NOT_PUBLIC_MSG), -1)
def test_correct_key(self):
AccessKey.objects.create(key="12345678901234567890", accessesLeft=1)
request = self._get_request('/unlock?key=12345678901234567890')
resp = RestrictAccessMiddleware().process_request(request)
self.assertEqual(resp.status_code, 200)
self.assertNotEqual(resp._get_content().find(RestrictAccessMiddleware().PROTECTED_ACCESS_GRANTED.split('{')[0]), -1)
def test_admin_unauthorized(self):
with self.settings(PROTECTED_ADMIN_KEY='99999999998888888888'):
request = self._get_request('/protect_admin?admin_key=22222111112222211111')
request.session.sessionkey='3333333333'
resp = RestrictAccessMiddleware().process_request(request)
self.assertNotEqual(resp._get_content().find(RestrictAccessMiddleware().PROTECTED_INCORRECT_ADMIN_KEY), -1)