コード例 #1
0
    def test_exception_shib_login(self):
        """
        Tests that we get the error page when there is no REMOTE_USER
        or Shib-Identity-Provider in request.META
        """
        no_remote_user_request = self.request_factory.get('/shib-login')
        no_remote_user_request.META.update({'Shib-Identity-Provider': IDP})
        no_remote_user_response = shib_login(no_remote_user_request)
        self.assertEqual(no_remote_user_response.status_code, 403)
        self.assertIn("identity server did not return your ID information", no_remote_user_response.content)

        no_idp_request = self.request_factory.get('/shib-login')
        no_idp_request.META.update({'REMOTE_USER': REMOTE_USER})
        no_idp_response = shib_login(no_idp_request)
        self.assertEqual(no_idp_response.status_code, 403)
        self.assertIn("identity server did not return your ID information", no_idp_response.content)
コード例 #2
0
ファイル: test_shib.py プロジェクト: MR612/edx-platform
    def _base_test_extauth_auto_activate_user_with_flag(self, log_user_string="*****@*****.**"):
        """
        Tests that FEATURES['BYPASS_ACTIVATION_EMAIL_FOR_EXTAUTH'] means extauth automatically
        linked users, activates them, and logs them in
        """
        inactive_user = UserFactory.create(email='*****@*****.**')
        inactive_user.is_active = False
        inactive_user.save()
        request = self.request_factory.get('/shib-login')
        request.session = import_module(settings.SESSION_ENGINE).SessionStore()  # empty session
        request.META.update({
            'Shib-Identity-Provider': 'https://idp.stanford.edu/',
            'REMOTE_USER': '******',
            'mail': '*****@*****.**'
        })

        request.user = AnonymousUser()
        with patch('external_auth.views.AUDIT_LOG') as mock_audit_log:
            response = shib_login(request)
        audit_log_calls = mock_audit_log.method_calls
        # reload user from db, since the view function works via db side-effects
        inactive_user = User.objects.get(id=inactive_user.id)
        self.assertIsNotNone(ExternalAuthMap.objects.get(user=inactive_user))
        self.assertTrue(inactive_user.is_active)
        self.assertIsInstance(response, HttpResponseRedirect)
        self.assertEqual(request.user, inactive_user)
        self.assertEqual(response['Location'], '/dashboard')
        # verify logging:
        self.assertEquals(len(audit_log_calls), 3)
        self._assert_shib_login_is_logged(audit_log_calls[0], log_user_string)
        method_name, args, _kwargs = audit_log_calls[2]
        self.assertEquals(method_name, 'info')
        self.assertEquals(len(args), 1)
        self.assertIn(u'Login success', args[0])
        self.assertIn(log_user_string, args[0])
コード例 #3
0
    def test_shib_login(self):
        """
        Tests that:
          * shib credentials that match an existing ExternalAuthMap with a linked user logs the user in
          * shib credentials that match an existing ExternalAuthMap without a linked user and also match the email
            of an existing user without an existing ExternalAuthMap links the two and log the user in
          * shib credentials that match an existing ExternalAuthMap without a linked user and also match the email
            of an existing user that already has an ExternalAuthMap causes an error (403)
          * shib credentials that do not match an existing ExternalAuthMap causes the registration form to appear
        """

        user_w_map = UserFactory.create(email='*****@*****.**')
        extauth = ExternalAuthMap(
            external_id='*****@*****.**',
            external_email='',
            external_domain='shib:https://idp.stanford.edu/',
            external_credentials="",
            user=user_w_map)
        user_wo_map = UserFactory.create(email='*****@*****.**')
        user_w_map.save()
        user_wo_map.save()
        extauth.save()

        idps = ['https://idp.stanford.edu/', 'https://someother.idp.com/']
        remote_users = [
            '*****@*****.**', '*****@*****.**',
            'testuser2@someother_idp.com'
        ]

        for idp in idps:
            for remote_user in remote_users:
                request = self.request_factory.get('/shib-login')
                request.session = import_module(
                    settings.SESSION_ENGINE).SessionStore()  # empty session
                request.META.update({
                    'Shib-Identity-Provider': idp,
                    'REMOTE_USER': remote_user,
                    'mail': remote_user
                })
                request.user = AnonymousUser()
                response = shib_login(request)
                if idp == "https://idp.stanford.edu/" and remote_user == '*****@*****.**':
                    self.assertIsInstance(response, HttpResponseRedirect)
                    self.assertEqual(request.user, user_w_map)
                    self.assertEqual(response['Location'], '/')
                elif idp == "https://idp.stanford.edu/" and remote_user == '*****@*****.**':
                    self.assertIsNotNone(
                        ExternalAuthMap.objects.get(user=user_wo_map))
                    self.assertIsInstance(response, HttpResponseRedirect)
                    self.assertEqual(request.user, user_wo_map)
                    self.assertEqual(response['Location'], '/')
                elif idp == "https://someother.idp.com/" and remote_user in \
                            ['*****@*****.**', '*****@*****.**']:
                    self.assertEqual(response.status_code, 403)
                    self.assertIn(
                        "You have already created an account using an external login",
                        response.content)
                else:
                    self.assertEqual(response.status_code, 200)
                    self.assertContains(response, "<title>Register for")
コード例 #4
0
    def _base_test_extauth_auto_activate_user_with_flag(self, log_user_string="*****@*****.**"):
        """
        Tests that FEATURES['BYPASS_ACTIVATION_EMAIL_FOR_EXTAUTH'] means extauth automatically
        linked users, activates them, and logs them in
        """
        inactive_user = UserFactory.create(email='*****@*****.**')
        inactive_user.is_active = False
        inactive_user.save()
        request = self.request_factory.get('/shib-login')
        request.session = import_module(settings.SESSION_ENGINE).SessionStore()  # empty session
        request.META.update({
            'Shib-Identity-Provider': 'https://idp.stanford.edu/',
            'REMOTE_USER': '******',
            'mail': '*****@*****.**'
        })

        request.user = AnonymousUser()
        with patch('external_auth.views.AUDIT_LOG') as mock_audit_log:
            response = shib_login(request)
        audit_log_calls = mock_audit_log.method_calls
        # reload user from db, since the view function works via db side-effects
        inactive_user = User.objects.get(id=inactive_user.id)
        self.assertIsNotNone(ExternalAuthMap.objects.get(user=inactive_user))
        self.assertTrue(inactive_user.is_active)
        self.assertIsInstance(response, HttpResponseRedirect)
        self.assertEqual(request.user, inactive_user)
        self.assertEqual(response['Location'], '/')
        # verify logging:
        self.assertEquals(len(audit_log_calls), 3)
        self._assert_shib_login_is_logged(audit_log_calls[0], log_user_string)
        method_name, args, _kwargs = audit_log_calls[2]
        self.assertEquals(method_name, 'info')
        self.assertEquals(len(args), 1)
        self.assertIn(u'Login success', args[0])
        self.assertIn(log_user_string, args[0])
コード例 #5
0
ファイル: test_shib.py プロジェクト: sigberto/edx-platform
    def test_exception_shib_login(self):
        """
        Tests that we get the error page when there is no REMOTE_USER
        or Shib-Identity-Provider in request.META
        """
        no_remote_user_request = self.request_factory.get("/shib-login")
        no_remote_user_request.META.update({"Shib-Identity-Provider": IDP})
        no_remote_user_request.user = AnonymousUser()

        mako_middleware_process_request(no_remote_user_request)
        no_remote_user_response = shib_login(no_remote_user_request)
        self.assertEqual(no_remote_user_response.status_code, 403)
        self.assertIn("identity server did not return your ID information", no_remote_user_response.content)

        no_idp_request = self.request_factory.get("/shib-login")
        no_idp_request.META.update({"REMOTE_USER": REMOTE_USER})
        no_idp_response = shib_login(no_idp_request)
        self.assertEqual(no_idp_response.status_code, 403)
        self.assertIn("identity server did not return your ID information", no_idp_response.content)
コード例 #6
0
ファイル: test_shib.py プロジェクト: Fyre91/edx-platform
    def test_shib_login(self):
        """
        Tests that:
          * shib credentials that match an existing ExternalAuthMap with a linked user logs the user in
          * shib credentials that match an existing ExternalAuthMap without a linked user and also match the email
            of an existing user without an existing ExternalAuthMap links the two and log the user in
          * shib credentials that match an existing ExternalAuthMap without a linked user and also match the email
            of an existing user that already has an ExternalAuthMap causes an error (403)
          * shib credentials that do not match an existing ExternalAuthMap causes the registration form to appear
        """

        user_w_map = UserFactory.create(email='*****@*****.**')
        extauth = ExternalAuthMap(external_id='*****@*****.**',
                                  external_email='',
                                  external_domain='shib:https://idp.stanford.edu/',
                                  external_credentials="",
                                  user=user_w_map)
        user_wo_map = UserFactory.create(email='*****@*****.**')
        user_w_map.save()
        user_wo_map.save()
        extauth.save()

        idps = ['https://idp.stanford.edu/', 'https://someother.idp.com/']
        remote_users = ['*****@*****.**', '*****@*****.**', 'testuser2@someother_idp.com']

        for idp in idps:
            for remote_user in remote_users:
                request = self.request_factory.get('/shib-login')
                request.session = import_module(settings.SESSION_ENGINE).SessionStore()  # empty session
                request.META.update({'Shib-Identity-Provider': idp,
                                     'REMOTE_USER': remote_user,
                                     'mail': remote_user})
                request.user = AnonymousUser()
                response = shib_login(request)
                if idp == "https://idp.stanford.edu/" and remote_user == '*****@*****.**':
                    self.assertIsInstance(response, HttpResponseRedirect)
                    self.assertEqual(request.user, user_w_map)
                    self.assertEqual(response['Location'], '/')
                elif idp == "https://idp.stanford.edu/" and remote_user == '*****@*****.**':
                    self.assertIsNotNone(ExternalAuthMap.objects.get(user=user_wo_map))
                    self.assertIsInstance(response, HttpResponseRedirect)
                    self.assertEqual(request.user, user_wo_map)
                    self.assertEqual(response['Location'], '/')
                elif idp == "https://someother.idp.com/" and remote_user in \
                            ['*****@*****.**', '*****@*****.**']:
                    self.assertEqual(response.status_code, 403)
                    self.assertIn("You have already created an account using an external login", response.content)
                else:
                    self.assertEqual(response.status_code, 200)
                    self.assertContains(response, "<title>Register for")
コード例 #7
0
ファイル: test_shib.py プロジェクト: MR612/edx-platform
    def test_shib_login(self):
        """
        Tests that:
          * shib credentials that match an existing ExternalAuthMap with a linked active user logs the user in
          * shib credentials that match an existing ExternalAuthMap with a linked inactive user shows error page
          * shib credentials that match an existing ExternalAuthMap without a linked user and also match the email
            of an existing user without an existing ExternalAuthMap links the two and log the user in
          * shib credentials that match an existing ExternalAuthMap without a linked user and also match the email
            of an existing user that already has an ExternalAuthMap causes an error (403)
          * shib credentials that do not match an existing ExternalAuthMap causes the registration form to appear
        """

        user_w_map = UserFactory.create(email='*****@*****.**')
        extauth = ExternalAuthMap(external_id='*****@*****.**',
                                  external_email='',
                                  external_domain='shib:https://idp.stanford.edu/',
                                  external_credentials="",
                                  user=user_w_map)
        user_wo_map = UserFactory.create(email='*****@*****.**')
        user_w_map.save()
        user_wo_map.save()
        extauth.save()

        inactive_user = UserFactory.create(email='*****@*****.**')
        inactive_user.is_active = False
        inactive_extauth = ExternalAuthMap(external_id='*****@*****.**',
                                           external_email='',
                                           external_domain='shib:https://idp.stanford.edu/',
                                           external_credentials="",
                                           user=inactive_user)
        inactive_user.save()
        inactive_extauth.save()

        idps = ['https://idp.stanford.edu/', 'https://someother.idp.com/']
        remote_users = ['*****@*****.**', '*****@*****.**',
                        'testuser2@someother_idp.com', '*****@*****.**']

        for idp in idps:
            for remote_user in remote_users:
                request = self.request_factory.get('/shib-login')
                request.session = import_module(settings.SESSION_ENGINE).SessionStore()  # empty session
                request.META.update({'Shib-Identity-Provider': idp,
                                     'REMOTE_USER': remote_user,
                                     'mail': remote_user})
                request.user = AnonymousUser()

                mako_middleware_process_request(request)
                with patch('external_auth.views.AUDIT_LOG') as mock_audit_log:
                    response = shib_login(request)
                audit_log_calls = mock_audit_log.method_calls

                if idp == "https://idp.stanford.edu/" and remote_user == '*****@*****.**':
                    self.assertIsInstance(response, HttpResponseRedirect)
                    self.assertEqual(request.user, user_w_map)
                    self.assertEqual(response['Location'], '/dashboard')
                    # verify logging:
                    self.assertEquals(len(audit_log_calls), 2)
                    self._assert_shib_login_is_logged(audit_log_calls[0], remote_user)
                    method_name, args, _kwargs = audit_log_calls[1]
                    self.assertEquals(method_name, 'info')
                    self.assertEquals(len(args), 1)
                    self.assertIn(u'Login success', args[0])
                    self.assertIn(remote_user, args[0])
                elif idp == "https://idp.stanford.edu/" and remote_user == '*****@*****.**':
                    self.assertEqual(response.status_code, 403)
                    self.assertIn("Account not yet activated: please look for link in your email", response.content)
                    # verify logging:
                    self.assertEquals(len(audit_log_calls), 2)
                    self._assert_shib_login_is_logged(audit_log_calls[0], remote_user)
                    method_name, args, _kwargs = audit_log_calls[1]
                    self.assertEquals(method_name, 'warning')
                    self.assertEquals(len(args), 1)
                    self.assertIn(u'is not active after external login', args[0])
                    # self.assertEquals(remote_user, args[1])
                elif idp == "https://idp.stanford.edu/" and remote_user == '*****@*****.**':
                    self.assertIsNotNone(ExternalAuthMap.objects.get(user=user_wo_map))
                    self.assertIsInstance(response, HttpResponseRedirect)
                    self.assertEqual(request.user, user_wo_map)
                    self.assertEqual(response['Location'], '/dashboard')
                    # verify logging:
                    self.assertEquals(len(audit_log_calls), 2)
                    self._assert_shib_login_is_logged(audit_log_calls[0], remote_user)
                    method_name, args, _kwargs = audit_log_calls[1]
                    self.assertEquals(method_name, 'info')
                    self.assertEquals(len(args), 1)
                    self.assertIn(u'Login success', args[0])
                    self.assertIn(remote_user, args[0])
                elif idp == "https://someother.idp.com/" and remote_user in \
                            ['*****@*****.**', '*****@*****.**', '*****@*****.**']:
                    self.assertEqual(response.status_code, 403)
                    self.assertIn("You have already created an account using an external login", response.content)
                    # no audit logging calls
                    self.assertEquals(len(audit_log_calls), 0)
                else:
                    self.assertEqual(response.status_code, 200)
                    self.assertContains(response,
                                        ("Preferences for {platform_name}"
                                         .format(platform_name=settings.PLATFORM_NAME)))
                    # no audit logging calls
                    self.assertEquals(len(audit_log_calls), 0)
コード例 #8
0
ファイル: test_shib.py プロジェクト: navdeepgaur/edx-platform
    def test_shib_login(self):
        """
        Tests that:
          * shib credentials that match an existing ExternalAuthMap with a linked active user logs the user in
          * shib credentials that match an existing ExternalAuthMap with a linked inactive user shows error page
          * shib credentials that match an existing ExternalAuthMap without a linked user and also match the email
            of an existing user without an existing ExternalAuthMap links the two and log the user in
          * shib credentials that match an existing ExternalAuthMap without a linked user and also match the email
            of an existing user that already has an ExternalAuthMap causes an error (403)
          * shib credentials that do not match an existing ExternalAuthMap causes the registration form to appear
        """

        user_w_map = UserFactory.create(email='*****@*****.**')
        extauth = ExternalAuthMap(
            external_id='*****@*****.**',
            external_email='',
            external_domain='shib:https://idp.stanford.edu/',
            external_credentials="",
            user=user_w_map)
        user_wo_map = UserFactory.create(email='*****@*****.**')
        user_w_map.save()
        user_wo_map.save()
        extauth.save()

        inactive_user = UserFactory.create(email='*****@*****.**')
        inactive_user.is_active = False
        inactive_extauth = ExternalAuthMap(
            external_id='*****@*****.**',
            external_email='',
            external_domain='shib:https://idp.stanford.edu/',
            external_credentials="",
            user=inactive_user)
        inactive_user.save()
        inactive_extauth.save()

        idps = ['https://idp.stanford.edu/', 'https://someother.idp.com/']
        remote_users = [
            '*****@*****.**', '*****@*****.**',
            'testuser2@someother_idp.com', '*****@*****.**'
        ]

        for idp in idps:
            for remote_user in remote_users:
                request = self.request_factory.get('/shib-login')
                request.session = import_module(
                    settings.SESSION_ENGINE).SessionStore()  # empty session
                request.META.update({
                    'Shib-Identity-Provider': idp,
                    'REMOTE_USER': remote_user,
                    'mail': remote_user
                })
                request.user = AnonymousUser()
                with patch('external_auth.views.AUDIT_LOG') as mock_audit_log:
                    response = shib_login(request)
                audit_log_calls = mock_audit_log.method_calls

                if idp == "https://idp.stanford.edu/" and remote_user == '*****@*****.**':
                    self.assertIsInstance(response, HttpResponseRedirect)
                    self.assertEqual(request.user, user_w_map)
                    self.assertEqual(response['Location'], '/')
                    # verify logging:
                    self.assertEquals(len(audit_log_calls), 2)
                    self._assert_shib_login_is_logged(audit_log_calls[0],
                                                      remote_user)
                    method_name, args, _kwargs = audit_log_calls[1]
                    self.assertEquals(method_name, 'info')
                    self.assertEquals(len(args), 3)
                    self.assertIn(u'Login success', args[0])
                    self.assertEquals(remote_user, args[2])
                elif idp == "https://idp.stanford.edu/" and remote_user == '*****@*****.**':
                    self.assertEqual(response.status_code, 403)
                    self.assertIn(
                        "Account not yet activated: please look for link in your email",
                        response.content)
                    # verify logging:
                    self.assertEquals(len(audit_log_calls), 2)
                    self._assert_shib_login_is_logged(audit_log_calls[0],
                                                      remote_user)
                    method_name, args, _kwargs = audit_log_calls[1]
                    self.assertEquals(method_name, 'warning')
                    self.assertEquals(len(args), 2)
                    self.assertIn(u'is not active after external login',
                                  args[0])
                    # self.assertEquals(remote_user, args[1])
                elif idp == "https://idp.stanford.edu/" and remote_user == '*****@*****.**':
                    self.assertIsNotNone(
                        ExternalAuthMap.objects.get(user=user_wo_map))
                    self.assertIsInstance(response, HttpResponseRedirect)
                    self.assertEqual(request.user, user_wo_map)
                    self.assertEqual(response['Location'], '/')
                    # verify logging:
                    self.assertEquals(len(audit_log_calls), 2)
                    self._assert_shib_login_is_logged(audit_log_calls[0],
                                                      remote_user)
                    method_name, args, _kwargs = audit_log_calls[1]
                    self.assertEquals(method_name, 'info')
                    self.assertEquals(len(args), 3)
                    self.assertIn(u'Login success', args[0])
                    self.assertEquals(remote_user, args[2])
                elif idp == "https://someother.idp.com/" and remote_user in \
                            ['*****@*****.**', '*****@*****.**', '*****@*****.**']:
                    self.assertEqual(response.status_code, 403)
                    self.assertIn(
                        "You have already created an account using an external login",
                        response.content)
                    # no audit logging calls
                    self.assertEquals(len(audit_log_calls), 0)
                else:
                    self.assertEqual(response.status_code, 200)
                    self.assertContains(
                        response,
                        ("<title>Preferences for {platform_name}</title>".
                         format(platform_name=settings.PLATFORM_NAME)))
                    # no audit logging calls
                    self.assertEquals(len(audit_log_calls), 0)
コード例 #9
0
ファイル: test_shib.py プロジェクト: navdeepgaur/edx-platform
    def test_shib_login(self):
        """
        Tests that:
          * shib credentials that match an existing ExternalAuthMap with a linked active user logs the user in
          * shib credentials that match an existing ExternalAuthMap with a linked inactive user shows error page
          * shib credentials that match an existing ExternalAuthMap without a linked user and also match the email
            of an existing user without an existing ExternalAuthMap links the two and log the user in
          * shib credentials that match an existing ExternalAuthMap without a linked user and also match the email
            of an existing user that already has an ExternalAuthMap causes an error (403)
          * shib credentials that do not match an existing ExternalAuthMap causes the registration form to appear
        """

        user_w_map = UserFactory.create(email="*****@*****.**")
        extauth = ExternalAuthMap(
            external_id="*****@*****.**",
            external_email="",
            external_domain="shib:https://idp.stanford.edu/",
            external_credentials="",
            user=user_w_map,
        )
        user_wo_map = UserFactory.create(email="*****@*****.**")
        user_w_map.save()
        user_wo_map.save()
        extauth.save()

        inactive_user = UserFactory.create(email="*****@*****.**")
        inactive_user.is_active = False
        inactive_extauth = ExternalAuthMap(
            external_id="*****@*****.**",
            external_email="",
            external_domain="shib:https://idp.stanford.edu/",
            external_credentials="",
            user=inactive_user,
        )
        inactive_user.save()
        inactive_extauth.save()

        idps = ["https://idp.stanford.edu/", "https://someother.idp.com/"]
        remote_users = [
            "*****@*****.**",
            "*****@*****.**",
            "testuser2@someother_idp.com",
            "*****@*****.**",
        ]

        for idp in idps:
            for remote_user in remote_users:
                request = self.request_factory.get("/shib-login")
                request.session = import_module(settings.SESSION_ENGINE).SessionStore()  # empty session
                request.META.update({"Shib-Identity-Provider": idp, "REMOTE_USER": remote_user, "mail": remote_user})
                request.user = AnonymousUser()
                with patch("external_auth.views.AUDIT_LOG") as mock_audit_log:
                    response = shib_login(request)
                audit_log_calls = mock_audit_log.method_calls

                if idp == "https://idp.stanford.edu/" and remote_user == "*****@*****.**":
                    self.assertIsInstance(response, HttpResponseRedirect)
                    self.assertEqual(request.user, user_w_map)
                    self.assertEqual(response["Location"], "/")
                    # verify logging:
                    self.assertEquals(len(audit_log_calls), 2)
                    self._assert_shib_login_is_logged(audit_log_calls[0], remote_user)
                    method_name, args, _kwargs = audit_log_calls[1]
                    self.assertEquals(method_name, "info")
                    self.assertEquals(len(args), 3)
                    self.assertIn(u"Login success", args[0])
                    self.assertEquals(remote_user, args[2])
                elif idp == "https://idp.stanford.edu/" and remote_user == "*****@*****.**":
                    self.assertEqual(response.status_code, 403)
                    self.assertIn("Account not yet activated: please look for link in your email", response.content)
                    # verify logging:
                    self.assertEquals(len(audit_log_calls), 2)
                    self._assert_shib_login_is_logged(audit_log_calls[0], remote_user)
                    method_name, args, _kwargs = audit_log_calls[1]
                    self.assertEquals(method_name, "warning")
                    self.assertEquals(len(args), 2)
                    self.assertIn(u"is not active after external login", args[0])
                    # self.assertEquals(remote_user, args[1])
                elif idp == "https://idp.stanford.edu/" and remote_user == "*****@*****.**":
                    self.assertIsNotNone(ExternalAuthMap.objects.get(user=user_wo_map))
                    self.assertIsInstance(response, HttpResponseRedirect)
                    self.assertEqual(request.user, user_wo_map)
                    self.assertEqual(response["Location"], "/")
                    # verify logging:
                    self.assertEquals(len(audit_log_calls), 2)
                    self._assert_shib_login_is_logged(audit_log_calls[0], remote_user)
                    method_name, args, _kwargs = audit_log_calls[1]
                    self.assertEquals(method_name, "info")
                    self.assertEquals(len(args), 3)
                    self.assertIn(u"Login success", args[0])
                    self.assertEquals(remote_user, args[2])
                elif idp == "https://someother.idp.com/" and remote_user in [
                    "*****@*****.**",
                    "*****@*****.**",
                    "*****@*****.**",
                ]:
                    self.assertEqual(response.status_code, 403)
                    self.assertIn("You have already created an account using an external login", response.content)
                    # no audit logging calls
                    self.assertEquals(len(audit_log_calls), 0)
                else:
                    self.assertEqual(response.status_code, 200)
                    self.assertContains(
                        response,
                        ("<title>Preferences for {platform_name}</title>".format(platform_name=settings.PLATFORM_NAME)),
                    )
                    # no audit logging calls
                    self.assertEquals(len(audit_log_calls), 0)