class TestLoginStatus(unittest.TestCase):
def setUp(self):
self.services_factory = mock()
self.resource = LoginStatusResource(self.services_factory)
self.web = DummySite(self.resource)
self.request = DummyRequest(['/status'])
def test_login_status_completed_when_single_user(self):
self.services_factory.mode = mock()
self.services_factory.mode.is_single_user = True
d = self.web.get(self.request)
def assert_login_completed(_):
self.assertIn('completed', self.request.written[0])
d.addCallback(assert_login_completed)
return d
@patch('pixelated.resources.session.PixelatedSession.check_login_status')
def test_login_status_when_multi_user_returns_check_login_status(self, mock_login_status):
self.services_factory.mode = mock()
self.services_factory.mode.is_single_user = False
mock_login_status.return_value = 'started'
d = self.web.get(self.request)
def assert_login_completed(_):
self.assertIn('started', self.request.written[0])
d.addCallback(assert_login_completed)
return d
class TestLoginResource(unittest.TestCase):
def setUp(self):
self.services_factory = mock()
self.portal = mock()
self.resource = LoginResource(self.services_factory, self.portal)
self.web = DummySite(self.resource)
def test_children_resources_are_unauthorized_when_not_logged_in(self):
request = DummyRequest(['/some_child_resource'])
d = self.web.get(request)
def assert_unauthorized_resources(_):
self.assertEqual(401, request.responseCode)
self.assertEqual("Unauthorized!", request.written[0])
d.addCallback(assert_unauthorized_resources)
return d
@patch('pixelated.resources.session.PixelatedSession.is_logged_in')
def test_there_are_no_grand_children_resources_when_logged_in(self, mock_is_logged_in):
request = DummyRequest(['/login/grand_children'])
mock_is_logged_in.return_value = True
d = self.web.get(request)
def assert_resources_not_found(_):
self.assertEqual(404, request.responseCode)
self.assertIn("No Such Resource", request.written[0])
d.addCallback(assert_resources_not_found)
return d
def test_get(self):
request = DummyRequest([''])
d = self.web.get(request)
def assert_form_rendered(_):
self.assertEqual(200, request.responseCode)
form_action = 'action="/login"'
form_method = 'method="post"'
input_username = '******'
input_password = '******'
input_submit = 'name="login"'
written_response = ''.join(request.written)
self.assertIn(form_action, written_response)
self.assertIn(form_method, written_response)
self.assertIn(input_password, written_response)
self.assertIn(input_submit, written_response)
self.assertIn(input_username, written_response)
d.addCallback(assert_form_rendered)
return d
class TestUsersResource(unittest.TestCase):
def setUp(self):
self.services_factory = mock()
self.resource = UsersResource(self.services_factory)
self.web = DummySite(self.resource)
def test_numbers_of_users_online(self):
number_of_users_online = 6
self.services_factory.online_sessions = lambda: number_of_users_online
self.resource.is_admin = lambda _: True
request = DummyRequest([''])
d = self.web.get(request)
def assert_users_count(_):
self.assertEqual(200, request.code)
self.assertEqual('{"count": %d}' % number_of_users_online, request.written[0])
d.addCallback(assert_users_count)
return d
def test_numbers_of_users_online_is_only_available_only_for_admin(self):
self.resource.is_admin = lambda _: False
request = DummyRequest([''])
d = self.web.get(request)
def assert_is_forbidden(_):
self.assertEqual(401, request.responseCode)
self.assertEqual('Unauthorized!', request.written[0])
d.addCallback(assert_is_forbidden)
return d
def test_is_admin_is_queried_from_leap_auth(self):
leap_session = mock()
auth = mock()
auth.uuid = 'some_id1'
leap_session.user_auth = auth
leap_session.config = mock()
services = Services(leap_session)
service_factory = ServicesFactory(mock())
service_factory.add_session('some_id1', services)
when(auth).is_admin().thenReturn(True)
request = mock()
resource = UsersResource(service_factory)
when(resource)._get_user_id_from_request(request).thenReturn('some_id1')
self.assertTrue(resource.is_admin(request))
verify(auth).is_admin()
class TestKeysResource(unittest.TestCase):
def setUp(self):
self.keymanager = mock()
self.web = DummySite(KeysResource(self.keymanager))
def test_returns_404_if_key_not_found(self):
request = DummyRequest(['/keys'])
request.addArg('search', '*****@*****.**')
when(self.keymanager).get_key_from_cache('*****@*****.**', OpenPGPKey).thenRaise(KeyNotFound())
d = self.web.get(request)
def assert_404(_):
self.assertEquals(404, request.code)
d.addCallback(assert_404)
return d
def test_returns_the_key_as_json_if_found(self):
request = DummyRequest(['/keys'])
request.addArg('search', 'some@key')
when(self.keymanager).get_key_from_cache('some@key', OpenPGPKey).thenReturn(OpenPGPKey('some@key'))
d = self.web.get(request)
def assert_response(_):
self.assertEquals('"{\\"tags\\": [\\"keymanager-key\\"], \\"fingerprint\\": null, '
'\\"private\\": null, \\"expiry_date\\": null, \\"address\\": '
'\\"some@key\\", \\"last_audited_at\\": null, \\"key_data\\": null, '
'\\"length\\": null, \\"key_id\\": null, \\"validation\\": null, '
'\\"type\\": \\"<class \'leap.keymanager.openpgp.OpenPGPKey\'>\\", '
'\\"first_seen_at\\": null}"', request.written[0])
d.addCallback(assert_response)
return d
def test_returns_unauthorized_if_key_is_private(self):
request = DummyRequest(['/keys'])
request.addArg('search', 'some@key')
when(self.keymanager).get_key_from_cache('some@key', OpenPGPKey).thenReturn(OpenPGPKey('some@key', private=True))
d = self.web.get(request)
def assert_response(_):
self.assertEquals(401, request.code)
d.addCallback(assert_response)
return d
class TestLogoutResource(unittest.TestCase):
def setUp(self):
self.services_factory = MagicMock()
self.resource = LogoutResource(self.services_factory)
self.services_factory.log_out_user.return_value = defer.succeed(None)
self.web = DummySite(self.resource)
@patch('twisted.web.util.redirectTo')
def test_logout(self, mock_redirect):
request = DummyRequest(['/logout'])
request.method = 'POST'
session = self.resource.get_session(request)
session.expire = MagicMock()
mock_redirect.return_value = 'some redirect response'
d = self.web.get(request)
def expire_session_and_redirect(_):
session = self.resource.get_session(request)
self.services_factory.destroy_session.assert_called_once_with(session.user_uuid)
session.expire.assert_called_once_with()
mock_redirect.assert_called_once_with('/login', request)
d.addCallback(expire_session_and_redirect)
return d
def test_get_is_not_supported_for_logout(self):
request = DummyRequest(['/logout'])
request.method = 'GET'
self.assertRaises(UnsupportedMethod, self.web.get, request)
def test_errback_is_called(self):
request = DummyRequest(['/logout'])
request.method = 'POST'
session = self.resource.get_session(request)
exception = Exception('')
session.expire = MagicMock(side_effect=exception)
d = self.web.get(request)
def assert_500_when_exception_is_thrown(_):
self.assertEqual(500, request.responseCode)
self.assertEqual('Something went wrong!', request.written[0])
d.addCallback(assert_500_when_exception_is_thrown)
return d
class TestRootResource(unittest.TestCase):
MAIL_ADDRESS = '*****@*****.**'
def setUp(self):
self.mail_service = mock()
self.services_factory = mock()
self.services_factory.mode = UserAgentMode(is_single_user=True)
self.services = mock()
self.services.mail_service = self.mail_service
self.services_factory._services_by_user = {'someuserid': self.mail_service}
when(self.services_factory).services(ANY()).thenReturn(self.services)
self.mail_service.account_email = self.MAIL_ADDRESS
root_resource = RootResource(self.services_factory)
root_resource._html_template = "<html><head><title>$account_email</title></head></html>"
root_resource._mode = root_resource
self.web = DummySite(root_resource)
def test_render_GET_should_template_account_email(self):
request = DummyRequest([''])
d = self.web.get(request)
def assert_response(_):
expected = "<title>{0}</title>".format(self.MAIL_ADDRESS)
matches = re.findall(expected, request.written[0])
self.assertEquals(len(matches), 1)
d.addCallback(assert_response)
return d
class TestSandBoxResource(unittest.TestCase):
def setUp(self):
static_folder = os.path.dirname(os.path.abspath(__file__))
self.resource = SandboxResource(static_folder)
self.resource.isLeaf = True
self.web = DummySite(self.resource)
@defer.inlineCallbacks
def test_render_GET_should_set_sandbox_csp_header(self):
request = DummyRequest(['/sandbox'])
request.method = 'GET'
request.isSecure = lambda: True
request.redirect = lambda _: 'irrelevant'
expected_csp_headers = "sandbox allow-popups allow-scripts;" \
"default-src 'self';" \
"style-src *;" \
"script-src *;" \
"font-src *;" \
"img-src *;" \
"object-src 'none';" \
"connect-src 'none';"
yield self.web.get(request)
self.assertEquals(expected_csp_headers, request.responseHeaders.getRawHeaders('X-Content-Security-Policy'.lower())[0])
self.assertEquals(expected_csp_headers, request.responseHeaders.getRawHeaders('Content-Security-Policy'.lower())[0])
self.assertEquals(expected_csp_headers, request.responseHeaders.getRawHeaders('X-Webkit-CSP'.lower())[0])
class TestFeedbackResource(unittest.TestCase):
def setUp(self):
self.feedback_service = mock()
self.services_factory = mock()
self.services_factory.mode = UserAgentMode(is_single_user=True)
self.services = mock()
self.services.feedback_service = self.feedback_service
self.services_factory._services_by_user = {'someuserid': self.feedback_service}
when(self.services_factory).services(ANY()).thenReturn(self.services)
self.web = DummySite(FeedbackResource(self.services_factory))
def test_sends_feedback_to_leap_web(self):
request = DummyRequest(['/feedback'])
request.method = 'POST'
content = mock()
when(content).read().thenReturn(json.dumps({'feedback': 'Pixelated is awesome!'}))
request.content = content
d = self.web.get(request)
def assert_posted_feedback_to_leap_web(_):
verify(self.feedback_service).open_ticket('Pixelated is awesome!')
d.addCallback(assert_posted_feedback_to_leap_web)
return d
class TestTagsResource(unittest.TestCase):
def setUp(self):
self.services_factory = MagicMock()
self.resource = TagsResource(self.services_factory)
def test_errback_is_called(self):
exception = Exception('')
mock_search_engine = MagicMock()
mock_search_engine.tags = MagicMock(side_effect=exception)
mock_service = MagicMock()
mock_service.search_engine = mock_search_engine
self.services_factory.services.return_value = mock_service
self.web = DummySite(self.resource)
request = DummyRequest(['/tags'])
request.method = 'GET'
d = self.web.get(request)
def assert_500_when_exception_is_thrown(_):
self.assertEqual(500, request.responseCode)
self.assertEqual('Something went wrong!', request.written[0])
d.addCallback(assert_500_when_exception_is_thrown)
return d
class TestLogoutResource(unittest.TestCase):
def setUp(self):
self.services_factory = MagicMock()
self.resource = LogoutResource(self.services_factory)
self.services_factory.log_out_user.return_value = defer.succeed(None)
self.web = DummySite(self.resource)
@patch('twisted.web.util.redirectTo')
def test_logout(self, mock_redirect):
request = DummyRequest(['/logout'])
request.method = 'POST'
session = self.resource.get_session(request)
session.expire = MagicMock()
mock_redirect.return_value = 'some redirect response'
d = self.web.get(request)
def expire_session_and_redirect(_):
session = self.resource.get_session(request)
self.services_factory.log_out_user.assert_called_once_with(session.user_uuid)
session.expire.assert_called_once_with()
mock_redirect.assert_called_once_with('/login', request)
d.addCallback(expire_session_and_redirect)
return d
def test_get_is_not_supported_for_logout(self):
request = DummyRequest(['/logout'])
request.method = 'GET'
self.assertRaises(UnsupportedMethod, self.web.get, request)
class TestUserSettingsResource(unittest.TestCase):
def setUp(self):
self.services = mock()
self.mail_service = mock()
self.mail_service.account_email = MAIL_ADDRESS
self.keymanager = mock()
self.services_factory = mock()
self.services_factory.mode = UserAgentMode(is_single_user=True)
self.services.mail_service = self.mail_service
self.services.keymanager = self.keymanager
self.services_factory._services_by_user = {'someuserid': self.keymanager}
self.resource = UserSettingsResource(self.services_factory)
when(self.services_factory).services(any()).thenReturn(self.services)
self.web = DummySite(self.resource)
def test_fingerprint_given(self):
key = OpenPGPKey(MAIL_ADDRESS)
key.fingerprint = FINGERPRINT
request = DummyRequest(['/user-settings'])
when(self.keymanager).fetch_key(MAIL_ADDRESS).thenReturn(defer.succeed(key))
d = self.web.get(request)
def assert_response(_):
response = json.loads(request.written[0])
self.assertEqual(FINGERPRINT, response['fingerprint'])
self.assertEqual(MAIL_ADDRESS, response['account_email'])
d.addCallback(assert_response)
return d
def test_fingerprint_missing(self):
key = OpenPGPKey(MAIL_ADDRESS)
key.fingerprint = FINGERPRINT
request = DummyRequest(['/user-settings'])
when(self.keymanager).fetch_key(MAIL_ADDRESS).thenReturn(defer.fail(Failure))
d = self.web.get(request)
def assert_response(_):
response = json.loads(request.written[0])
self.assertEqual(FINGERPRINT_NOT_FOUND, response['fingerprint'])
self.assertEqual(MAIL_ADDRESS, response['account_email'])
d.addCallback(assert_response)
return d
def test_render_PUT_should_store_draft_with_attachments(self, mock_register):
request = DummyRequest([])
request.method = 'PUT'
request.content = mock()
when(request.content).read().thenReturn('{"attachments": [{"ident": "some fake attachment id"}]}')
when(self.mail_service).attachment('some fake attachment id').thenReturn(defer.succeed({'content': mock()}))
mails_resource = MailsResource(self.services_factory)
web = DummySite(mails_resource)
d = web.get(request)
def assert_response(_):
verify(self.mail_service).attachment('some fake attachment id')
d.addCallback(assert_response)
return d
class TestFeedbackResource(unittest.TestCase):
def setUp(self):
self.feedback_service = mock()
self.web = DummySite(FeedbackResource(self.feedback_service))
def test_sends_feedback_to_leap_web(self):
request = DummyRequest(['/feedback'])
request.method = 'POST'
content = mock()
when(content).read().thenReturn(json.dumps({'feedback': 'Pixelated is awesome!'}))
request.content = content
d = self.web.get(request)
def assert_posted_feedback_to_leap_web(_):
verify(self.feedback_service).open_ticket('Pixelated is awesome!')
d.addCallback(assert_posted_feedback_to_leap_web)
return d
def test_render_GET_should_unicode_mails_search_query(self, mock_register):
request = DummyRequest([])
non_unicode_search_term = 'coração'
request.addArg('q', non_unicode_search_term)
request.addArg('w', 25)
request.addArg('p', 1)
unicodified_search_term = u'coração'
when(self.mail_service).mails(unicodified_search_term, 25, 1).thenReturn(defer.succeed(([], 0)))
mails_resource = MailsResource(self.services_factory)
web = DummySite(mails_resource)
d = web.get(request)
def assert_response(_):
verify(self.mail_service).mails(unicodified_search_term, 25, 1)
d.addCallback(assert_response)
return d
class TestLogoutResource(unittest.TestCase):
def setUp(self):
self.services_factory = mock()
self.resource = LogoutResource(self.services_factory)
self.web = DummySite(self.resource)
@patch('twisted.web.util.redirectTo')
def test_logout(self, mock_redirect):
request = DummyRequest(['/logout'])
mock_redirect.return_value = 'haha'
d = self.web.get(request)
def expire_session_and_redirect(_):
session = self.resource.get_session(request)
self.assertFalse(session.is_logged_in())
mock_redirect.assert_called_once_with('/login', request)
d.addCallback(expire_session_and_redirect)
return d
def test_render_POST_should_send_email_with_attachments(self, mock_register):
request = DummyRequest([])
request.method = 'POST'
request.content = mock()
when(request.content).read().thenReturn('{"attachments": [{"ident": "some fake attachment id"}]}')
when(self.mail_service).attachment('some fake attachment id').thenReturn(defer.succeed({"content": "some content"}))
as_dictable = mock()
when(as_dictable).as_dict().thenReturn({})
when(self.mail_service).send_mail({"attachments": [{"ident": "some fake attachment id", "raw": "some content"}]})\
.thenReturn(defer.succeed(as_dictable))
mails_resource = MailsResource(self.services_factory)
web = DummySite(mails_resource)
d = web.get(request)
def assert_response(_):
verify(self.mail_service).attachment('some fake attachment id')
verify(self.mail_service).send_mail({"attachments": [{"ident": "some fake attachment id", "raw": "some content"}]})
d.addCallback(assert_response)
return d
class TestRootResource(unittest.TestCase):
MAIL_ADDRESS = '*****@*****.**'
def setUp(self):
root_resource = RootResource()
root_resource._mode = root_resource
root_resource.account_email = self.MAIL_ADDRESS
root_resource._html_template = "<html><head><title>$account_email</title></head></html>"
self.web = DummySite(root_resource)
def test_render_GET_should_template_account_email(self):
request = DummyRequest([''])
d = self.web.get(request)
def assert_response(_):
expected = "<title>{0}</title>".format(self.MAIL_ADDRESS)
matches = re.findall(expected, request.written[0])
self.assertEquals(len(matches), 1)
d.addCallback(assert_response)
return d
class TestArchiveResource(unittest.TestCase):
def setUp(self):
self.mail_service = mock()
self.web = DummySite(MailsArchiveResource(self.mail_service))
def test_render_POST_should_archive_mails(self):
request = DummyRequest(["/mails/archive"])
request.method = "POST"
content = mock()
when(content).read().thenReturn(json.dumps({"idents": ["1", "2"]}))
when(self.mail_service).archive_mail("1").thenReturn(defer.Deferred())
when(self.mail_service).archive_mail("2").thenReturn(defer.Deferred())
request.content = content
d = self.web.get(request)
def assert_response(_):
verify(self.mail_service).archive_mail("1")
verify(self.mail_service).archive_mail("2")
d.addCallback(assert_response)
return d
class TestArchiveResource(unittest.TestCase):
def setUp(self):
self.mail_service = mock()
self.web = DummySite(MailsArchiveResource(self.mail_service))
def test_render_POST_should_archive_mails(self):
request = DummyRequest(['/mails/archive'])
request.method = 'POST'
idents = ['1', '2']
content = mock()
when(content).read().thenReturn(json.dumps({'idents': ['1', '2']}))
when(self.mail_service).archive_mail('1').thenReturn(defer.succeed(None))
when(self.mail_service).archive_mail('2').thenReturn(defer.succeed(None))
request.content = content
d = self.web.get(request)
def assert_response(_):
verify(self.mail_service).archive_mail('1')
verify(self.mail_service).archive_mail('2')
d.addCallback(assert_response)
return d
class TestLoginPOST(unittest.TestCase):
def setUp(self):
self.services_factory = mock()
self.portal = mock()
self.provider = mock()
self.resource = LoginResource(self.services_factory, self.portal)
self.web = DummySite(self.resource)
self.request = DummyRequest([''])
username = '******'
self.request.addArg('username', username)
password = '******'
self.username = username
self.password = password
self.request.addArg('password', password)
self.request.method = 'POST'
leap_session = mock(LeapSession)
user_auth = mock()
user_auth.uuid = 'some_user_uuid'
leap_session.user_auth = user_auth
config = mock()
config.leap_home = 'some_folder'
leap_session.config = config
leap_session.fresh_account = False
self.leap_session = leap_session
self.user_auth = user_auth
def mock_user_has_services_setup(self):
when(self.services_factory).is_logged_in('some_user_uuid').thenReturn(True)
def test_login_responds_interstitial_and_add_corresponding_session_to_services_factory(self):
irrelevant = None
when(self.portal).login(ANY(), None, IResource).thenReturn((irrelevant, self.leap_session, irrelevant))
when(self.services_factory).create_services_from(self.leap_session).thenAnswer(self.mock_user_has_services_setup)
d = self.web.get(self.request)
def assert_login_setup_service_for_user(_):
verify(self.portal).login(ANY(), None, IResource)
verify(self.services_factory).create_services_from(self.leap_session)
interstitial_js_in_template = '<script src="startup-assets/Interstitial.js"></script>'
self.assertIn(interstitial_js_in_template, self.request.written[0])
self.assertTrue(self.resource.is_logged_in(self.request))
d.addCallback(assert_login_setup_service_for_user)
return d
def test_login_does_not_reload_services_if_already_loaded(self):
irrelevant = None
when(self.portal).login(ANY(), None, IResource).thenReturn((irrelevant, self.leap_session, irrelevant))
when(self.services_factory).is_logged_in('some_user_uuid').thenReturn(True)
d = self.web.get(self.request)
def assert_login_setup_service_for_user(_):
verify(self.portal).login(ANY(), None, IResource)
verify(self.services_factory).is_logged_in('some_user_uuid')
verifyNoMoreInteractions(self.services_factory)
interstitial_js_in_template = '<script src="startup-assets/Interstitial.js"></script>'
self.assertIn(interstitial_js_in_template, self.request.written[0])
self.assertTrue(self.resource.is_logged_in(self.request))
d.addCallback(assert_login_setup_service_for_user)
return d
def test_should_return_form_back_with_error_message_when_login_fails(self):
when(self.portal).login(ANY(), None, IResource).thenRaise(Exception())
d = self.web.get(self.request)
def assert_login_setup_service_for_user(_):
verify(self.portal).login(ANY(), None, IResource)
self.assertEqual(401, self.request.responseCode)
written_response = ''.join(self.request.written)
self.assertIn('Invalid credentials', written_response)
self.assertFalse(self.resource.is_logged_in(self.request))
d.addCallback(assert_login_setup_service_for_user)
return d
@patch('pixelated.bitmask_libraries.session.LeapSessionFactory.create')
@patch('leap.auth.SRPAuth.authenticate')
@patch('pixelated.config.services.Services.setup')
def test_leap_session_is_not_created_when_leap_auth_fails(self, mock_service_setup, mock_leap_srp_auth, mock_leap_session_create):
mock_leap_srp_auth.side_effect = SRPAuthenticationError()
d = self.web.get(self.request)
def assert_login_setup_service_for_user(_):
verify(self.portal).login(ANY(), None, IResource)
self.assertFalse(mock_leap_session_create.called)
self.assertFalse(mock_service_setup.called)
self.assertEqual(401, self.request.responseCode)
self.assertFalse(self.resource.is_logged_in(self.request))
d.addCallback(assert_login_setup_service_for_user)
return d
@patch('twisted.web.util.redirectTo')
@patch('pixelated.resources.session.PixelatedSession.is_logged_in')
def test_should_not_process_login_if_already_logged_in(self, mock_logged_in, mock_redirect):
mock_logged_in.return_value = True
when(self.services_factory).is_logged_in(ANY()).thenReturn(True)
mock_redirect.return_value = "mocked redirection"
when(self.portal).login(ANY(), None, IResource).thenRaise(Exception())
d = self.web.get(self.request)
def assert_login_setup_service_for_user(_):
verifyZeroInteractions(self.portal)
mock_redirect.assert_called_once_with('/', self.request)
d.addCallback(assert_login_setup_service_for_user)
return d
class TestAccountRecoveryResource(unittest.TestCase):
def setUp(self):
self.services_factory = MagicMock()
self.resource = AccountRecoveryResource(self.services_factory)
self.web = DummySite(self.resource)
def test_get(self):
request = DummyRequest(['/account-recovery'])
request.method = 'GET'
d = self.web.get(request)
def assert_200_when_user_logged_in(_):
self.assertEqual(200, request.responseCode)
self.assertIn("DOCTYPE html", request.written[0])
d.addCallback(assert_200_when_user_logged_in)
return d
def test_post_returns_successfully(self):
request = DummyRequest(['/account-recovery'])
request.method = 'POST'
self.resource._handle_post = MagicMock(return_value=defer.succeed(None))
d = self.web.get(request)
def assert_successful_response(_):
self.assertEqual(200, request.responseCode)
d.addCallback(assert_successful_response)
return d
def test_post_returns_failure(self):
request = DummyRequest(['/account-recovery'])
request.method = 'POST'
self.resource._handle_post = MagicMock(return_value=defer.fail(InvalidPasswordError))
d = self.web.get(request)
def assert_error_response(_):
self.assertEqual(500, request.responseCode)
d.addCallback(assert_error_response)
return d
def test_handle_post_successfully(self):
request = MagicMock()
self.resource._get_post_form = MagicMock()
self.resource._validate_password = MagicMock(return_value=True)
d = self.resource._handle_post(request)
def assert_successful(success):
self.assertEqual(success, 'Done!')
d.addCallback(assert_successful)
return d
@defer.inlineCallbacks
def test_handle_post_failed(self):
request = MagicMock()
self.resource._get_post_form = MagicMock()
self.resource._validate_password = MagicMock(return_value=False)
with self.assertRaises(InvalidPasswordError):
yield self.resource._handle_post(request)
def test_get_post_form(self):
request = MagicMock()
request.content.getvalue.return_value = '{"userCode": "abc", "password": "******", "confirmPassword": "******"}'
form = self.resource._get_post_form(request)
self.assertEqual(form.get('userCode'), 'abc')
self.assertEqual(form.get('password'), '123')
self.assertEqual(form.get('confirmPassword'), '456')
def test_validate_password_successfully(self):
self.assertTrue(self.resource._validate_password('12345678', '12345678'))
def test_validate_password_failed_by_confirmation(self):
self.assertFalse(self.resource._validate_password('12345678', '1234'))
def test_validate_password_failed_by_length(self):
self.assertFalse(self.resource._validate_password('1234', '1234'))
class TestLoginPOST(unittest.TestCase):
def setUp(self):
self.services_factory = mock()
self.portal = mock()
self.provider = mock()
self.resource = LoginResource(self.services_factory, self.portal)
self.web = DummySite(self.resource)
self.request = DummyRequest([''])
username = '******'
self.request.addArg('username', username)
password = '******'
self.username = username
self.password = password
self.request.addArg('password', password)
self.request.method = 'POST'
leap_session = mock(LeapSession)
user_auth = mock()
user_auth.uuid = 'some_user_uuid'
leap_session.user_auth = user_auth
config = mock()
config.leap_home = 'some_folder'
leap_session.config = config
leap_session.fresh_account = False
self.leap_session = leap_session
self.user_auth = user_auth
def mock_user_has_services_setup(self):
when(self.services_factory).has_session('some_user_uuid').thenReturn(
True)
def test_login_responds_interstitial_and_add_corresponding_session_to_services_factory(
self):
irrelevant = None
when(self.portal).login(ANY(), None, IResource).thenReturn(
(irrelevant, self.leap_session, irrelevant))
when(self.services_factory).create_services_from(
self.leap_session).thenAnswer(self.mock_user_has_services_setup)
d = self.web.get(self.request)
def assert_login_setup_service_for_user(_):
verify(self.portal).login(ANY(), None, IResource)
verify(self.services_factory).create_services_from(
self.leap_session)
verify(self.services_factory).map_email('ayoyo', 'some_user_uuid')
interstitial_js_in_template = '<script src="startup-assets/Interstitial.js"></script>'
self.assertIn(interstitial_js_in_template, self.request.written[0])
self.assertTrue(self.resource.is_logged_in(self.request))
d.addCallback(assert_login_setup_service_for_user)
return d
def test_login_does_not_reload_services_if_already_loaded(self):
irrelevant = None
when(self.portal).login(ANY(), None, IResource).thenReturn(
(irrelevant, self.leap_session, irrelevant))
when(self.services_factory).has_session('some_user_uuid').thenReturn(
True)
d = self.web.get(self.request)
def assert_login_setup_service_for_user(_):
verify(self.portal).login(ANY(), None, IResource)
verify(self.services_factory).has_session('some_user_uuid')
verifyNoMoreInteractions(self.services_factory)
interstitial_js_in_template = '<script src="startup-assets/Interstitial.js"></script>'
self.assertIn(interstitial_js_in_template, self.request.written[0])
self.assertTrue(self.resource.is_logged_in(self.request))
d.addCallback(assert_login_setup_service_for_user)
return d
def test_should_return_form_back_with_error_message_when_login_fails(self):
when(self.portal).login(ANY(), None, IResource).thenRaise(Exception())
d = self.web.get(self.request)
def assert_login_setup_service_for_user(_):
verify(self.portal).login(ANY(), None, IResource)
self.assertEqual(401, self.request.responseCode)
written_response = ''.join(self.request.written)
self.assertIn('Invalid credentials', written_response)
self.assertFalse(self.resource.is_logged_in(self.request))
d.addCallback(assert_login_setup_service_for_user)
return d
@patch('pixelated.config.sessions.LeapSessionFactory.create')
@patch('leap.auth.SRPAuth.authenticate')
@patch('pixelated.config.services.Services.setup')
def test_leap_session_is_not_created_when_leap_auth_fails(
self, mock_service_setup, mock_leap_srp_auth,
mock_leap_session_create):
mock_leap_srp_auth.side_effect = SRPAuthenticationError()
d = self.web.get(self.request)
def assert_login_setup_service_for_user(_):
verify(self.portal).login(ANY(), None, IResource)
self.assertFalse(mock_leap_session_create.called)
self.assertFalse(mock_service_setup.called)
self.assertEqual(401, self.request.responseCode)
self.assertFalse(self.resource.is_logged_in(self.request))
d.addCallback(assert_login_setup_service_for_user)
return d
@patch('twisted.web.util.redirectTo')
@patch('pixelated.resources.session.PixelatedSession.is_logged_in')
def test_should_not_process_login_if_already_logged_in(
self, mock_logged_in, mock_redirect):
mock_logged_in.return_value = True
when(self.services_factory).has_session(ANY()).thenReturn(True)
mock_redirect.return_value = "mocked redirection"
when(self.portal).login(ANY(), None, IResource).thenRaise(Exception())
d = self.web.get(self.request)
def assert_login_setup_service_for_user(_):
verifyZeroInteractions(self.portal)
mock_redirect.assert_called_once_with('/', self.request)
d.addCallback(assert_login_setup_service_for_user)
return d
class AttachmentsResourceTest(unittest.TestCase):
def setUp(self):
self.mail_service = mock()
self.services_factory = mock()
self.services_factory.mode = UserAgentMode(is_single_user=True)
self.services = mock()
self.services.mail_service = self.mail_service
self.services_factory._services_by_user = {'someuserid': self.mail_service}
when(self.services_factory).services(ANY()).thenReturn(self.services)
self.mails_resource = AttachmentsResource(self.services_factory)
self.mails_resource.isLeaf = True
self.web = DummySite(self.mails_resource)
@patch('cgi.FieldStorage')
def test_post_new_attachment(self, mock_fields):
request = DummyRequest(['/attachment'])
request.method = 'POST'
request.content = 'mocked'
attachment_id = 'B5B4ED80AC3B894523D72E375DACAA2FC6606C18EDF680FE95903086C8B5E14A'
_file = MagicMock()
_file.value = 'some mocked value'
_file.type = 'some mocked type'
_file.filename = 'filename.txt'
mock_fields.return_value = {'attachment': _file}
when(self.mail_service).save_attachment('some mocked value', 'some mocked type').thenReturn(defer.succeed(attachment_id))
d = self.web.get(request)
def assert_response(_):
self.assertEqual(201, request.code)
self.assertEqual('/attachment/%s' % attachment_id, request.responseHeaders.getRawHeaders("location")[0])
response_json = {'ident': attachment_id, 'content-type': 'some mocked type',
'name': 'filename.txt', 'size': 17, 'encoding': 'base64'}
self.assertEqual(response_json, json.loads(request.written[0]))
verify(self.mail_service).save_attachment('some mocked value', 'some mocked type')
d.addCallback(assert_response)
return d
@patch('cgi.FieldStorage')
def test_post_attachment_fails(self, mock_fields):
request = DummyRequest(['/attachment'])
request.method = 'POST'
request.content = 'mocked'
_file = MagicMock()
_file.value = 'some mocked value'
_file.type = 'some mocked type'
mock_fields.return_value = {'attachment': _file}
when(self.mail_service).save_attachment('some mocked value', 'some mocked type').thenReturn(defer.fail(Exception))
d = self.web.get(request)
def assert_response(_):
self.assertEqual(500, request.code)
self.assertFalse(request.responseHeaders.hasHeader('Location'.lower()))
self.assertIn("message", json.loads(request.written[0]))
verify(self.mail_service).save_attachment('some mocked value', 'some mocked type')
d.addCallback(assert_response)
return d
class TestLoginPOST(unittest.TestCase):
def setUp(self):
self.services_factory = mock()
self.provider = mock()
self.resource = LoginResource(self.services_factory, self.provider)
self.web = DummySite(self.resource)
self.request = DummyRequest([''])
username = '******'
self.request.addArg('username', username)
password = '******'
self.username = username
self.password = password
self.request.addArg('password', password)
self.request.method = 'POST'
user_auth = mock()
user_auth.uuid = 'some_user_uuid'
self.user_auth = user_auth
@patch('pixelated.authentication.Authenticator.authenticate')
@patch('twisted.web.util.redirectTo')
@patch('pixelated.resources.session.PixelatedSession.is_logged_in')
def test_should_redirect_to_home_if_user_if_already_logged_in(self, mock_logged_in, mock_redirect, mock_authenticate):
mock_logged_in.return_value = True
when(self.services_factory).has_session(ANY()).thenReturn(True)
mock_redirect.return_value = "mocked redirection"
d = self.web.get(self.request)
def assert_redirected_to_home(_):
mock_redirect.assert_called_once_with('/', self.request)
self.assertFalse(mock_authenticate.called)
d.addCallback(assert_redirected_to_home)
return d
@patch('pixelated.config.leap.BootstrapUserServices.setup')
@patch('pixelated.authentication.Authenticator.authenticate')
def test_should_return_form_back_with_error_message_when_login_fails(self, mock_authenticate,
mock_user_bootstrap_setup):
mock_authenticate.side_effect = UnauthorizedLogin()
d = self.web.get(self.request)
def assert_error_response_and_user_services_not_setup(_):
mock_authenticate.assert_called_once_with(self.username, self.password)
self.assertEqual(401, self.request.responseCode)
written_response = ''.join(self.request.written)
self.assertIn('Invalid username or password', written_response)
self.assertFalse(mock_user_bootstrap_setup.called)
self.assertFalse(self.resource.get_session(self.request).is_logged_in())
d.addCallback(assert_error_response_and_user_services_not_setup)
return d
@patch('pixelated.config.leap.BootstrapUserServices.setup')
@patch('pixelated.authentication.Authenticator.authenticate')
def test_successful_login_responds_interstitial(self, mock_authenticate, mock_user_bootstrap_setup):
mock_authenticate.return_value = self.user_auth
d = self.web.get(self.request)
def assert_interstitial_in_response(_):
mock_authenticate.assert_called_once_with(self.username, self.password)
interstitial_js_in_template = '<script src="startup-assets/Interstitial.js"></script>'
self.assertIn(interstitial_js_in_template, self.request.written[0])
d.addCallback(assert_interstitial_in_response)
return d
@patch('pixelated.config.leap.BootstrapUserServices.setup')
@patch('pixelated.authentication.Authenticator.authenticate')
def test_successful_login_runs_user_services_bootstrap_when_interstitial_loaded(self, mock_authenticate, mock_user_bootstrap_setup):
mock_authenticate.return_value = self.user_auth
d = self.web.get(self.request)
def assert_login_setup_service_for_user(_):
mock_user_bootstrap_setup.assert_called_once_with(self.user_auth, self.password, 'pt-BR')
d.addCallback(assert_login_setup_service_for_user)
return d
@patch('pixelated.config.leap.BootstrapUserServices.setup')
@patch('pixelated.authentication.Authenticator.authenticate')
def test_successful_adds_cookies_to_indicat_logged_in_status_when_services_are_loaded(self, mock_authenticate, mock_user_bootstrap_setup):
mock_authenticate.return_value = self.user_auth
irrelevant = None
mock_user_bootstrap_setup.return_value = defer.succeed(irrelevant)
d = self.web.get(self.request)
def assert_login_setup_service_for_user(_):
self.assertTrue(self.resource.get_session(self.request).is_logged_in())
d.addCallback(assert_login_setup_service_for_user)
return d
class TestKeysResource(unittest.TestCase):
def setUp(self):
self.keymanager = mock()
self.services_factory = mock()
self.services_factory.mode = UserAgentMode(is_single_user=True)
self.services = mock()
self.services.keymanager = self.keymanager
self.services_factory._services_by_user = {"someuserid": self.keymanager}
when(self.services_factory).services(ANY()).thenReturn(self.services)
self.web = DummySite(KeysResource(self.services_factory))
def test_returns_404_if_key_not_found(self):
request = DummyRequest(["/keys"])
request.addArg("search", "*****@*****.**")
when(self.keymanager).fetch_key("*****@*****.**").thenReturn(defer.fail(KeyNotFound()))
d = self.web.get(request)
def assert_404(_):
self.assertEquals(404, request.code)
d.addCallback(assert_404)
return d
def test_returns_the_key_as_json_if_found(self):
request = DummyRequest(["/keys"])
request.addArg("search", "some@key")
when(self.keymanager).fetch_key("some@key").thenReturn(defer.succeed(OpenPGPKey("some@key")))
d = self.web.get(request)
expected = {
u"address": u"some@key",
u"encr_used": False,
u"fingerprint": u"",
u"last_audited_at": 0,
u"private": False,
u"sign_used": False,
u"tags": [u"keymanager-active"],
u"type": u"OpenPGPKey-active",
u"validation": u"Weak_Chain",
u"version": 1,
}
def assert_response(_):
actual = json.loads(ast.literal_eval(request.written[0]))
self.assertEquals(expected, actual)
d.addCallback(assert_response)
return d
def test_returns_unauthorized_if_key_is_private(self):
request = DummyRequest(["/keys"])
request.addArg("search", "some@key")
when(self.keymanager).fetch_key("some@key").thenReturn(defer.succeed(OpenPGPKey("some@key", private=True)))
d = self.web.get(request)
def assert_response(_):
self.assertEquals(401, request.code)
d.addCallback(assert_response)
return d
class TestKeysResource(unittest.TestCase):
def setUp(self):
self.keymanager = mock()
self.web = DummySite(KeysResource(self.keymanager))
def test_returns_404_if_key_not_found(self):
request = DummyRequest(['/keys'])
request.addArg('search', '*****@*****.**')
when(self.keymanager).fetch_key('*****@*****.**').thenReturn(defer.fail(KeyNotFound()))
d = self.web.get(request)
def assert_404(_):
self.assertEquals(404, request.code)
d.addCallback(assert_404)
return d
def test_returns_the_key_as_json_if_found(self):
request = DummyRequest(['/keys'])
request.addArg('search', 'some@key')
when(self.keymanager).fetch_key('some@key').thenReturn(defer.succeed(OpenPGPKey('some@key')))
d = self.web.get(request)
expected = {
"tags": ["keymanager-key"],
"fingerprint": '',
"private": False,
'sign_used': False,
'refreshed_at': 0,
"expiry_date": 0,
"address": 'some@key',
'encr_used': False,
'last_audited_at': 0,
'key_data': '',
'length': 0,
'key_id': '',
'validation': 'Weak_Chain',
'type': 'OpenPGPKey',
}
def assert_response(_):
actual = json.loads(ast.literal_eval(request.written[0]))
self.assertEquals(expected, actual)
d.addCallback(assert_response)
return d
def test_returns_unauthorized_if_key_is_private(self):
request = DummyRequest(['/keys'])
request.addArg('search', 'some@key')
when(self.keymanager).fetch_key('some@key').thenReturn(defer.succeed(OpenPGPKey('some@key', private=True)))
d = self.web.get(request)
def assert_response(_):
self.assertEquals(401, request.code)
d.addCallback(assert_response)
return d
class TestBackupAccountResource(unittest.TestCase):
def setUp(self):
self.services_factory = MagicMock()
self.authenticator = MagicMock()
self.leap_provider = MagicMock()
self.leap_provider.server_name = 'test.com'
self.resource = BackupAccountResource(self.services_factory, self.authenticator, self.leap_provider)
self.web = DummySite(self.resource)
def test_get(self):
request = DummyRequest(['/backup-account'])
request.method = 'GET'
d = self.web.get(request)
def assert_200_when_user_logged_in(_):
self.assertEqual(200, request.responseCode)
self.assertIn("DOCTYPE html", request.written[0])
d.addCallback(assert_200_when_user_logged_in)
return d
@patch('pixelated.resources.backup_account_resource.parse_accept_language')
@patch('pixelated.resources.backup_account_resource.AccountRecovery')
def test_post_updates_recovery_code(self, mock_account_recovery_init, mock_language):
mock_language.return_value = 'pt-BR'
mock_account_recovery = MagicMock()
mock_account_recovery_init.return_value = mock_account_recovery
mock_account_recovery.update_recovery_code.return_value = defer.succeed("Success")
request = DummyRequest(['/backup-account'])
request.method = 'POST'
request.content = MagicMock()
request.content.getvalue.return_value = '{"email": "*****@*****.**"}'
d = self.web.get(request)
def assert_update_recovery_code_called(_):
mock_account_recovery_init.assert_called_with(
self.resource._authenticator.bonafide_session,
self.resource.soledad(request),
self.resource._service(request, '_leap_session').smtp_config,
self.resource._get_backup_email(request),
self.leap_provider.server_name,
language='pt-BR')
mock_account_recovery.update_recovery_code.assert_called()
d.addCallback(assert_update_recovery_code_called)
return d
@patch('pixelated.resources.backup_account_resource.AccountRecovery.update_recovery_code')
def test_post_returns_successfully(self, mock_update_recovery_code):
mock_update_recovery_code.return_value = defer.succeed("Success")
request = DummyRequest(['/backup-account'])
request.method = 'POST'
request.content = MagicMock()
request.content.getvalue.return_value = '{"email": "*****@*****.**"}'
d = self.web.get(request)
def assert_successful_response(_):
self.assertEqual(204, request.responseCode)
d.addCallback(assert_successful_response)
return d
@patch('pixelated.resources.backup_account_resource.AccountRecovery.update_recovery_code')
def test_post_returns_internal_server_error(self, mock_update_recovery_code):
mock_update_recovery_code.return_value = defer.fail(Exception)
request = DummyRequest(['/backup-account'])
request.method = 'POST'
request.content = MagicMock()
request.content.getvalue.return_value = '{"email": "*****@*****.**"}'
d = self.web.get(request)
def assert_successful_response(_):
self.assertEqual(500, request.responseCode)
d.addCallback(assert_successful_response)
return d
def test_get_backup_email_from_request(self):
request = MagicMock()
request.content.getvalue.return_value = '{"backupEmail": "*****@*****.**"}'
self.assertEqual(self.resource._get_backup_email(request), '*****@*****.**')
class TestRootResource(unittest.TestCase):
MAIL_ADDRESS = "*****@*****.**"
def setUp(self):
self.mail_service = mock()
self.services_factory = mock()
self.services_factory.mode = UserAgentMode(is_single_user=True)
self.services = mock()
self.services.mail_service = self.mail_service
self.services_factory._services_by_user = {"someuserid": self.mail_service}
when(self.services_factory).services(ANY()).thenReturn(self.services)
self.mail_service.account_email = self.MAIL_ADDRESS
root_resource = RootResource(self.services_factory)
root_resource._html_template = "<html><head><title>$account_email</title></head></html>"
root_resource._mode = root_resource
self.web = DummySite(root_resource)
self.root_resource = root_resource
def test_render_GET_should_template_account_email(self):
request = DummyRequest([""])
request.addCookie = lambda key, value: "stubbed"
d = self.web.get(request)
def assert_response(_):
expected = "<title>{0}</title>".format(self.MAIL_ADDRESS)
matches = re.findall(expected, request.written[0])
self.assertEquals(len(matches), 1)
d.addCallback(assert_response)
return d
def _test_should_renew_xsrf_cookie(self):
request = DummyRequest([""])
request.addCookie = MagicMock()
generated_csrf_token = "csrf_token"
mock_sha = MagicMock()
mock_sha.hexdigest = MagicMock(return_value=generated_csrf_token)
with patch("hashlib.sha256", return_value=mock_sha):
d = self.web.get(request)
def assert_csrf_cookie(_):
request.addCookie.assert_called_once_with("XSRF-TOKEN", generated_csrf_token)
d.addCallback(assert_csrf_cookie)
return d
def test_should_renew_xsrf_cookie_on_startup_mode(self):
self.root_resource._mode = MODE_STARTUP
self._test_should_renew_xsrf_cookie()
def test_should_renew_xsrf_cookie_on_running_mode(self):
self.root_resource._mode = MODE_RUNNING
self._test_should_renew_xsrf_cookie()
def test_should_unavailable_child_resource_during_startup(self):
self.root_resource._mode = MODE_STARTUP
request = DummyRequest(["/child"])
request.getCookie = MagicMock(return_value="irrelevant -- stubbed")
d = self.web.get(request)
def assert_unavailable(_):
self.assertEqual(503, request.responseCode)
self.assertEqual("Service Unavailable", request.written[0])
d.addCallback(assert_unavailable)
return d
def _mock_ajax_csrf(self, request, csrf_token):
request.requestHeaders.setRawHeaders("x-requested-with", ["XMLHttpRequest"])
request.requestHeaders.setRawHeaders("x-xsrf-token", [csrf_token])
def test_should_unauthorize_child_resource_ajax_requests_when_csrf_mismatch(self):
request = DummyRequest(["/child"])
request.method = "POST"
self._mock_ajax_csrf(request, "stubbed csrf token")
request.getCookie = MagicMock(return_value="mismatched csrf token")
d = self.web.get(request)
def assert_unauthorized(_):
self.assertEqual(401, request.responseCode)
self.assertEqual("Unauthorized!", request.written[0])
d.addCallback(assert_unauthorized)
return d
def test_should_authorize_child_resource_non_ajax_GET_requests(self):
request = DummyRequest(["features"])
request.getCookie = MagicMock(return_value="irrelevant -- stubbed")
self.root_resource._child_resources.add("features", FeaturesResource())
self.root_resource._mode = MODE_RUNNING
d = self.web.get(request)
def assert_unauthorized(_):
self.assertEqual(200, request.code)
d.addCallback(assert_unauthorized)
return d
def test_should_unauthorize_child_resource_non_ajax_POST_requests_when_csrf_input_mismatch(self):
request = DummyRequest(["mails"])
request.method = "POST"
request.addArg("csrftoken", "some csrf token")
mock_content = MagicMock()
mock_content.read = MagicMock(return_value={})
request.content = mock_content
request.getCookie = MagicMock(return_value="mismatched csrf token")
d = self.web.get(request)
def assert_unauthorized(_):
self.assertEqual(401, request.responseCode)
self.assertEqual("Unauthorized!", request.written[0])
d.addCallback(assert_unauthorized)
return d
class TestLoginResource(unittest.TestCase):
def setUp(self):
self.services_factory = mock()
self.portal = mock()
self.resource = LoginResource(self.services_factory, self.portal)
self.web = DummySite(self.resource)
def test_children_resources_are_unauthorized_when_not_logged_in(self):
request = DummyRequest(['/some_child_resource'])
d = self.web.get(request)
def assert_unauthorized_resources(_):
self.assertEqual(401, request.responseCode)
self.assertEqual("Unauthorized!", request.written[0])
d.addCallback(assert_unauthorized_resources)
return d
@patch('pixelated.resources.session.PixelatedSession.is_logged_in')
def test_there_are_no_grand_children_resources_when_logged_in(self, mock_is_logged_in):
request = DummyRequest(['/login/grand_children'])
mock_is_logged_in.return_value = True
when(self.services_factory).is_logged_in(ANY()).thenReturn(True)
d = self.web.get(request)
def assert_resources_not_found(_):
self.assertEqual(404, request.responseCode)
self.assertIn("No Such Resource", request.written[0])
d.addCallback(assert_resources_not_found)
return d
def test_get(self):
request = DummyRequest([''])
d = self.web.get(request)
def assert_form_rendered(_):
self.assertEqual(200, request.responseCode)
form_action = 'action="/login"'
form_method = 'method="post"'
input_username = '******'
input_password = '******'
input_submit = 'name="login"'
default_disclaimer = 'Some disclaimer'
written_response = ''.join(request.written)
self.assertIn(form_action, written_response)
self.assertIn(form_method, written_response)
self.assertIn(input_password, written_response)
self.assertIn(input_submit, written_response)
self.assertIn(input_username, written_response)
self.assertIn(default_disclaimer, written_response)
d.addCallback(assert_form_rendered)
return d
def _write(self, filename, content):
with open(filename, 'w') as disclaimer_file:
disclaimer_file.write(content)
def test_override_login_disclaimer_message(self):
request = DummyRequest([''])
banner_file_name = 'banner.txt'
banner_disclaimer_content = '<p>some custom disclaimer</p>'
self._write(banner_file_name, banner_disclaimer_content)
self.resource._disclaimer_banner = 'service/_trial_temp/' + banner_file_name
d = self.web.get(request)
def assert_custom_disclaimer_rendered(_):
self.assertEqual(200, request.responseCode)
written_response = ''.join(request.written)
self.assertIn(banner_disclaimer_content, written_response)
def tear_down(_):
os.remove(banner_file_name)
d.addCallback(assert_custom_disclaimer_rendered)
d.addCallback(tear_down)
return d
class TestRootResource(unittest.TestCase):
MAIL_ADDRESS = '*****@*****.**'
def setUp(self):
self.mail_service = mock()
self.services_factory = mock()
self.services_factory.mode = UserAgentMode(is_single_user=True)
self.services = mock()
self.services.mail_service = self.mail_service
self.services_factory._services_by_user = {'someuserid': self.mail_service}
when(self.services_factory).services(ANY()).thenReturn(self.services)
self.mail_service.account_email = self.MAIL_ADDRESS
root_resource = RootResource(self.services_factory)
root_resource._html_template = "<html><head><title>$account_email</title></head></html>"
root_resource._mode = root_resource
self.web = DummySite(root_resource)
self.root_resource = root_resource
def test_render_GET_should_template_account_email(self):
request = DummyRequest([''])
request.addCookie = lambda key, value: 'stubbed'
d = self.web.get(request)
def assert_response(_):
expected = "<title>{0}</title>".format(self.MAIL_ADDRESS)
matches = re.findall(expected, request.written[0])
self.assertEquals(len(matches), 1)
d.addCallback(assert_response)
return d
def _test_should_renew_xsrf_cookie(self):
request = DummyRequest([''])
request.addCookie = MagicMock()
generated_csrf_token = 'csrf_token'
mock_sha = MagicMock()
mock_sha.hexdigest = MagicMock(return_value=generated_csrf_token)
with patch('hashlib.sha256', return_value=mock_sha):
d = self.web.get(request)
def assert_csrf_cookie(_):
request.addCookie.assert_called_once_with('XSRF-TOKEN', generated_csrf_token)
d.addCallback(assert_csrf_cookie)
return d
def test_should_renew_xsrf_cookie_on_startup_mode(self):
self.root_resource._mode = MODE_STARTUP
self._test_should_renew_xsrf_cookie()
def test_should_renew_xsrf_cookie_on_running_mode(self):
self.root_resource._mode = MODE_RUNNING
self._test_should_renew_xsrf_cookie()
def test_should_unavailable_child_resource_during_startup(self):
self.root_resource._mode = MODE_STARTUP
request = DummyRequest(['/child'])
request.getCookie = MagicMock(return_value='irrelevant -- stubbed')
d = self.web.get(request)
def assert_unavailable(_):
self.assertEqual(503, request.responseCode)
self.assertEqual("Service Unavailable", request.written[0])
d.addCallback(assert_unavailable)
return d
def _mock_ajax_csrf(self, request, csrf_token):
request.requestHeaders.setRawHeaders('x-requested-with', ['XMLHttpRequest'])
request.requestHeaders.setRawHeaders('x-xsrf-token', [csrf_token])
def test_should_unauthorize_child_resource_ajax_requests_when_csrf_mismatch(self):
request = DummyRequest(['/child'])
request.method = 'POST'
self._mock_ajax_csrf(request, 'stubbed csrf token')
request.getCookie = MagicMock(return_value='mismatched csrf token')
d = self.web.get(request)
def assert_unauthorized(_):
self.assertEqual(401, request.responseCode)
self.assertEqual("Unauthorized!", request.written[0])
d.addCallback(assert_unauthorized)
return d
def test_should_404_non_existing_resource_with_valid_csrf(self):
request = DummyRequest(['/non-existing-child'])
request.method = 'POST'
self._mock_ajax_csrf(request, 'stubbed csrf token')
request.getCookie = MagicMock(return_value='stubbed csrf token')
d = self.web.get(request)
def assert_not_found(_):
self.assertEqual(404, request.responseCode)
self.assertIn("No Such Resource", request.written[0])
d.addCallback(assert_not_found)
return d
def test_should_authorize_child_resource_non_ajax_GET_requests(self):
request = DummyRequest(['features'])
request.getCookie = MagicMock(return_value='irrelevant -- stubbed')
self.root_resource._child_resources.add('features', FeaturesResource())
self.root_resource._mode = MODE_RUNNING
d = self.web.get(request)
def assert_unauthorized(_):
self.assertEqual(200, request.code)
d.addCallback(assert_unauthorized)
return d
def test_should_unauthorize_child_resource_non_ajax_POST_requests_when_csrf_input_mismatch(self):
request = DummyRequest(['mails'])
request.method = 'POST'
request.addArg('csrftoken', 'some csrf token')
mock_content = MagicMock()
mock_content.read = MagicMock(return_value={})
request.content = mock_content
request.getCookie = MagicMock(return_value='mismatched csrf token')
d = self.web.get(request)
def assert_unauthorized(_):
self.assertEqual(401, request.responseCode)
self.assertEqual("Unauthorized!", request.written[0])
d.addCallback(assert_unauthorized)
return d
class TestKeysResource(unittest.TestCase):
def setUp(self):
self.keymanager = mock()
self.services_factory = mock()
self.services_factory.mode = UserAgentMode(is_single_user=True)
self.services = mock()
self.services.keymanager = self.keymanager
self.services_factory._services_by_user = {'someuserid': self.keymanager}
when(self.services_factory).services(ANY()).thenReturn(self.services)
self.web = DummySite(KeysResource(self.services_factory))
def test_returns_404_if_key_not_found(self):
request = DummyRequest(['/keys'])
request.addArg('search', '*****@*****.**')
when(self.keymanager).fetch_key('*****@*****.**').thenReturn(defer.fail(KeyNotFound()))
d = self.web.get(request)
def assert_404(_):
self.assertEquals(404, request.code)
d.addCallback(assert_404)
return d
def test_returns_the_key_as_json_if_found(self):
request = DummyRequest(['/keys'])
request.addArg('search', 'some@key')
when(self.keymanager).fetch_key('some@key').thenReturn(defer.succeed(OpenPGPKey('some@key')))
d = self.web.get(request)
expected = {
u'address': u'some@key',
u'encr_used': False,
u'fingerprint': u'',
u'last_audited_at': 0,
u'private': False,
u'sign_used': False,
u'tags': [u'keymanager-active'],
u'type': u'OpenPGPKey-active',
u'validation': u'Weak_Chain',
u'version': 1,
}
def assert_response(_):
actual = json.loads(ast.literal_eval(request.written[0]))
self.assertEquals(expected, actual)
d.addCallback(assert_response)
return d
def test_returns_unauthorized_if_key_is_private(self):
request = DummyRequest(['/keys'])
request.addArg('search', 'some@key')
when(self.keymanager).fetch_key('some@key').thenReturn(defer.succeed(OpenPGPKey('some@key', private=True)))
d = self.web.get(request)
def assert_response(_):
self.assertEquals(401, request.code)
d.addCallback(assert_response)
return d
