def setUp(self): self.services_factory = mock() self.portal = mock() self.provider = mock() self.resource = LoginResource(self.services_factory, self.portal) self.web = DummySite(self.resource) self.request = DummyRequest(['']) username = '******' self.request.addArg('username', username) password = '******' self.username = username self.password = password self.request.addArg('password', password) self.request.method = 'POST' leap_session = mock(LeapSession) user_auth = mock() user_auth.uuid = 'some_user_uuid' leap_session.user_auth = user_auth config = mock() config.leap_home = 'some_folder' leap_session.config = config leap_session.fresh_account = False self.leap_session = leap_session self.user_auth = user_auth
class TestLoginStatus(unittest.TestCase): def setUp(self): self.services_factory = mock() self.resource = LoginStatusResource(self.services_factory) self.web = DummySite(self.resource) self.request = DummyRequest(['/status']) def test_login_status_completed_when_single_user(self): self.services_factory.mode = mock() self.services_factory.mode.is_single_user = True d = self.web.get(self.request) def assert_login_completed(_): self.assertIn('completed', self.request.written[0]) d.addCallback(assert_login_completed) return d @patch('pixelated.resources.session.PixelatedSession.check_login_status') def test_login_status_when_multi_user_returns_check_login_status(self, mock_login_status): self.services_factory.mode = mock() self.services_factory.mode.is_single_user = False mock_login_status.return_value = 'started' d = self.web.get(self.request) def assert_login_completed(_): self.assertIn('started', self.request.written[0]) d.addCallback(assert_login_completed) return d
class TestKeysResource(unittest.TestCase): def setUp(self): self.keymanager = mock() self.web = DummySite(KeysResource(self.keymanager)) def test_returns_404_if_key_not_found(self): request = DummyRequest(['/keys']) request.addArg('search', '*****@*****.**') when(self.keymanager).get_key_from_cache( '*****@*****.**', OpenPGPKey).thenRaise(KeyNotFound()) d = self.web.get(request) def assert_404(_): self.assertEquals(404, request.code) d.addCallback(assert_404) return d def test_returns_the_key_as_json_if_found(self): request = DummyRequest(['/keys']) request.addArg('search', 'some@key') when(self.keymanager).get_key_from_cache('some@key', OpenPGPKey).thenReturn( OpenPGPKey('some@key')) d = self.web.get(request) def assert_response(_): self.assertEquals( '"{\\"tags\\": [\\"keymanager-key\\"], \\"fingerprint\\": null, ' '\\"private\\": null, \\"expiry_date\\": null, \\"address\\": ' '\\"some@key\\", \\"last_audited_at\\": null, \\"key_data\\": null, ' '\\"length\\": null, \\"key_id\\": null, \\"validation\\": null, ' '\\"type\\": \\"<class \'leap.keymanager.openpgp.OpenPGPKey\'>\\", ' '\\"first_seen_at\\": null}"', request.written[0]) d.addCallback(assert_response) return d def test_returns_unauthorized_if_key_is_private(self): request = DummyRequest(['/keys']) request.addArg('search', 'some@key') when(self.keymanager).get_key_from_cache('some@key', OpenPGPKey).thenReturn( OpenPGPKey('some@key', private=True)) d = self.web.get(request) def assert_response(_): self.assertEquals(401, request.code) d.addCallback(assert_response) return d
def setUp(self): self.keymanager = mock() self.services_factory = mock() self.services_factory.mode = UserAgentMode(is_single_user=True) self.services = mock() self.services.keymanager = self.keymanager self.services_factory._services_by_user = { 'someuserid': self.keymanager } when(self.services_factory).services(ANY()).thenReturn(self.services) self.web = DummySite(KeysResource(self.services_factory))
class TestLoginResource(unittest.TestCase): def setUp(self): self.services_factory = mock() self.portal = mock() self.resource = LoginResource(self.services_factory, self.portal) self.web = DummySite(self.resource) def test_children_resources_are_unauthorized_when_not_logged_in(self): request = DummyRequest(['/some_child_resource']) d = self.web.get(request) def assert_unauthorized_resources(_): self.assertEqual(401, request.responseCode) self.assertEqual("Unauthorized!", request.written[0]) d.addCallback(assert_unauthorized_resources) return d @patch('pixelated.resources.session.PixelatedSession.is_logged_in') def test_there_are_no_grand_children_resources_when_logged_in(self, mock_is_logged_in): request = DummyRequest(['/login/grand_children']) mock_is_logged_in.return_value = True d = self.web.get(request) def assert_resources_not_found(_): self.assertEqual(404, request.responseCode) self.assertIn("No Such Resource", request.written[0]) d.addCallback(assert_resources_not_found) return d def test_get(self): request = DummyRequest(['']) d = self.web.get(request) def assert_form_rendered(_): self.assertEqual(200, request.responseCode) form_action = 'action="/login"' form_method = 'method="post"' input_username = '******' input_password = '******' input_submit = 'name="login"' written_response = ''.join(request.written) self.assertIn(form_action, written_response) self.assertIn(form_method, written_response) self.assertIn(input_password, written_response) self.assertIn(input_submit, written_response) self.assertIn(input_username, written_response) d.addCallback(assert_form_rendered) return d
class TestUsersResource(unittest.TestCase): def setUp(self): self.services_factory = mock() self.resource = UsersResource(self.services_factory) self.web = DummySite(self.resource) def test_numbers_of_users_online(self): number_of_users_online = 6 self.services_factory.online_sessions = lambda: number_of_users_online self.resource.is_admin = lambda _: True request = DummyRequest(['']) d = self.web.get(request) def assert_users_count(_): self.assertEqual(200, request.code) self.assertEqual('{"count": %d}' % number_of_users_online, request.written[0]) d.addCallback(assert_users_count) return d def test_numbers_of_users_online_is_only_available_only_for_admin(self): self.resource.is_admin = lambda _: False request = DummyRequest(['']) d = self.web.get(request) def assert_is_forbidden(_): self.assertEqual(401, request.responseCode) self.assertEqual('Unauthorized!', request.written[0]) d.addCallback(assert_is_forbidden) return d def test_is_admin_is_queried_from_leap_auth(self): leap_session = mock() auth = mock() auth.uuid = 'some_id1' leap_session.user_auth = auth leap_session.config = mock() services = Services(leap_session) service_factory = ServicesFactory(mock()) service_factory.add_session('some_id1', services) when(auth).is_admin().thenReturn(True) request = mock() resource = UsersResource(service_factory) when(resource)._get_user_id_from_request(request).thenReturn('some_id1') self.assertTrue(resource.is_admin(request)) verify(auth).is_admin()
class TestUserSettingsResource(unittest.TestCase): def setUp(self): self.services = mock() self.mail_service = mock() self.mail_service.account_email = MAIL_ADDRESS self.keymanager = mock() self.services_factory = mock() self.services_factory.mode = UserAgentMode(is_single_user=True) self.services.mail_service = self.mail_service self.services.keymanager = self.keymanager self.services_factory._services_by_user = { 'someuserid': self.keymanager } self.resource = UserSettingsResource(self.services_factory) when(self.services_factory).services(any()).thenReturn(self.services) self.web = DummySite(self.resource) def test_fingerprint_given(self): key = OpenPGPKey(MAIL_ADDRESS) key.fingerprint = FINGERPRINT request = DummyRequest(['/user-settings']) when(self.keymanager).fetch_key(MAIL_ADDRESS).thenReturn( defer.succeed(key)) d = self.web.get(request) def assert_response(_): response = json.loads(request.written[0]) self.assertEqual(FINGERPRINT, response['fingerprint']) self.assertEqual(MAIL_ADDRESS, response['account_email']) d.addCallback(assert_response) return d def test_fingerprint_missing(self): key = OpenPGPKey(MAIL_ADDRESS) key.fingerprint = FINGERPRINT request = DummyRequest(['/user-settings']) when(self.keymanager).fetch_key(MAIL_ADDRESS).thenReturn( defer.fail(Failure)) d = self.web.get(request) def assert_response(_): response = json.loads(request.written[0]) self.assertEqual(FINGERPRINT_NOT_FOUND, response['fingerprint']) self.assertEqual(MAIL_ADDRESS, response['account_email']) d.addCallback(assert_response) return d
class TestLogoutResource(unittest.TestCase): def setUp(self): self.services_factory = MagicMock() self.resource = LogoutResource(self.services_factory) self.services_factory.log_out_user.return_value = defer.succeed(None) self.web = DummySite(self.resource) @patch('twisted.web.util.redirectTo') def test_logout(self, mock_redirect): request = DummyRequest(['/logout']) request.method = 'POST' session = self.resource.get_session(request) session.expire = MagicMock() mock_redirect.return_value = 'some redirect response' d = self.web.get(request) def expire_session_and_redirect(_): session = self.resource.get_session(request) self.services_factory.destroy_session.assert_called_once_with( session.user_uuid) session.expire.assert_called_once_with() mock_redirect.assert_called_once_with('/login', request) d.addCallback(expire_session_and_redirect) return d def test_get_is_not_supported_for_logout(self): request = DummyRequest(['/logout']) request.method = 'GET' self.assertRaises(UnsupportedMethod, self.web.get, request) def test_errback_is_called(self): request = DummyRequest(['/logout']) request.method = 'POST' session = self.resource.get_session(request) exception = Exception('') session.expire = MagicMock(side_effect=exception) d = self.web.get(request) def assert_500_when_exception_is_thrown(_): self.assertEqual(500, request.responseCode) self.assertEqual('Something went wrong!', request.written[0]) d.addCallback(assert_500_when_exception_is_thrown) return d
def setUp(self): self.mail_service = mock() self.services_factory = mock() self.services_factory.mode = UserAgentMode(is_single_user=True) self.services = mock() self.services.mail_service = self.mail_service self.services_factory._services_by_user = { 'someuserid': self.mail_service } when(self.services_factory).services(ANY()).thenReturn(self.services) self.mails_resource = AttachmentsResource(self.services_factory) self.mails_resource.isLeaf = True self.web = DummySite(self.mails_resource)
class TestKeysResource(unittest.TestCase): def setUp(self): self.keymanager = mock() self.web = DummySite(KeysResource(self.keymanager)) def test_returns_404_if_key_not_found(self): request = DummyRequest(['/keys']) request.addArg('search', '*****@*****.**') when(self.keymanager).get_key_from_cache('*****@*****.**', OpenPGPKey).thenRaise(KeyNotFound()) d = self.web.get(request) def assert_404(_): self.assertEquals(404, request.code) d.addCallback(assert_404) return d def test_returns_the_key_as_json_if_found(self): request = DummyRequest(['/keys']) request.addArg('search', 'some@key') when(self.keymanager).get_key_from_cache('some@key', OpenPGPKey).thenReturn(OpenPGPKey('some@key')) d = self.web.get(request) def assert_response(_): self.assertEquals('"{\\"tags\\": [\\"keymanager-key\\"], \\"fingerprint\\": null, ' '\\"private\\": null, \\"expiry_date\\": null, \\"address\\": ' '\\"some@key\\", \\"last_audited_at\\": null, \\"key_data\\": null, ' '\\"length\\": null, \\"key_id\\": null, \\"validation\\": null, ' '\\"type\\": \\"<class \'leap.keymanager.openpgp.OpenPGPKey\'>\\", ' '\\"first_seen_at\\": null}"', request.written[0]) d.addCallback(assert_response) return d def test_returns_unauthorized_if_key_is_private(self): request = DummyRequest(['/keys']) request.addArg('search', 'some@key') when(self.keymanager).get_key_from_cache('some@key', OpenPGPKey).thenReturn(OpenPGPKey('some@key', private=True)) d = self.web.get(request) def assert_response(_): self.assertEquals(401, request.code) d.addCallback(assert_response) return d
class TestLogoutResource(unittest.TestCase): def setUp(self): self.services_factory = MagicMock() self.resource = LogoutResource(self.services_factory) self.services_factory.log_out_user.return_value = defer.succeed(None) self.web = DummySite(self.resource) @patch('twisted.web.util.redirectTo') def test_logout(self, mock_redirect): request = DummyRequest(['/logout']) request.method = 'POST' session = self.resource.get_session(request) session.expire = MagicMock() mock_redirect.return_value = 'some redirect response' d = self.web.get(request) def expire_session_and_redirect(_): session = self.resource.get_session(request) self.services_factory.destroy_session.assert_called_once_with(session.user_uuid) session.expire.assert_called_once_with() mock_redirect.assert_called_once_with('/login', request) d.addCallback(expire_session_and_redirect) return d def test_get_is_not_supported_for_logout(self): request = DummyRequest(['/logout']) request.method = 'GET' self.assertRaises(UnsupportedMethod, self.web.get, request) def test_errback_is_called(self): request = DummyRequest(['/logout']) request.method = 'POST' session = self.resource.get_session(request) exception = Exception('') session.expire = MagicMock(side_effect=exception) d = self.web.get(request) def assert_500_when_exception_is_thrown(_): self.assertEqual(500, request.responseCode) self.assertEqual('Something went wrong!', request.written[0]) d.addCallback(assert_500_when_exception_is_thrown) return d
def setUp(self): self.services = mock() self.mail_service = mock() self.mail_service.account_email = MAIL_ADDRESS self.keymanager = mock() self.services_factory = mock() self.services_factory.mode = UserAgentMode(is_single_user=True) self.services.mail_service = self.mail_service self.services.keymanager = self.keymanager self.services_factory._services_by_user = { 'someuserid': self.keymanager } self.resource = UserSettingsResource(self.services_factory) when(self.services_factory).services(any()).thenReturn(self.services) self.web = DummySite(self.resource)
def setUp(self): self.mail_service = mock() self.services_factory = mock() self.services_factory.mode = UserAgentMode(is_single_user=True) self.services = mock() self.services.mail_service = self.mail_service self.services_factory._services_by_user = {'someuserid': self.mail_service} when(self.services_factory).services(ANY()).thenReturn(self.services) self.mail_service.account_email = self.MAIL_ADDRESS root_resource = RootResource(self.services_factory) root_resource._html_template = "<html><head><title>$account_email</title></head></html>" root_resource._mode = root_resource self.web = DummySite(root_resource) self.root_resource = root_resource
class TestSandBoxResource(unittest.TestCase): def setUp(self): static_folder = os.path.dirname(os.path.abspath(__file__)) self.resource = SandboxResource(static_folder) self.resource.isLeaf = True self.web = DummySite(self.resource) @defer.inlineCallbacks def test_render_GET_should_set_sandbox_csp_header(self): request = DummyRequest(['/sandbox']) request.method = 'GET' request.isSecure = lambda: True request.redirect = lambda _: 'irrelevant' expected_csp_headers = "sandbox allow-popups allow-scripts;" \ "default-src 'self';" \ "style-src *;" \ "script-src *;" \ "font-src *;" \ "img-src *;" \ "object-src 'none';" \ "connect-src 'none';" yield self.web.get(request) self.assertEquals( expected_csp_headers, request.outgoingHeaders.get('X-Content-Security-Policy'.lower())) self.assertEquals( expected_csp_headers, request.outgoingHeaders.get('Content-Security-Policy'.lower())) self.assertEquals(expected_csp_headers, request.outgoingHeaders.get('X-Webkit-CSP'.lower()))
def test_render_PUT_should_store_draft_with_attachments(self, mock_register): request = DummyRequest([]) request.method = 'PUT' request.content = mock() when(request.content).read().thenReturn('{"attachments": [{"ident": "some fake attachment id"}]}') when(self.mail_service).attachment('some fake attachment id').thenReturn(defer.succeed({'content': mock()})) mails_resource = MailsResource(self.services_factory) web = DummySite(mails_resource) d = web.get(request) def assert_response(_): verify(self.mail_service).attachment('some fake attachment id') d.addCallback(assert_response) return d
class TestLogoutResource(unittest.TestCase): def setUp(self): self.services_factory = MagicMock() self.resource = LogoutResource(self.services_factory) self.services_factory.log_out_user.return_value = defer.succeed(None) self.web = DummySite(self.resource) @patch('twisted.web.util.redirectTo') def test_logout(self, mock_redirect): request = DummyRequest(['/logout']) request.method = 'POST' session = self.resource.get_session(request) session.expire = MagicMock() mock_redirect.return_value = 'some redirect response' d = self.web.get(request) def expire_session_and_redirect(_): session = self.resource.get_session(request) self.services_factory.log_out_user.assert_called_once_with( session.user_uuid) session.expire.assert_called_once_with() mock_redirect.assert_called_once_with('/login', request) d.addCallback(expire_session_and_redirect) return d def test_get_is_not_supported_for_logout(self): request = DummyRequest(['/logout']) request.method = 'GET' self.assertRaises(UnsupportedMethod, self.web.get, request)
class TestTagsResource(unittest.TestCase): def setUp(self): self.services_factory = MagicMock() self.resource = TagsResource(self.services_factory) def test_errback_is_called(self): exception = Exception('') mock_search_engine = MagicMock() mock_search_engine.tags = MagicMock(side_effect=exception) mock_service = MagicMock() mock_service.search_engine = mock_search_engine self.services_factory.services.return_value = mock_service self.web = DummySite(self.resource) request = DummyRequest(['/tags']) request.method = 'GET' d = self.web.get(request) def assert_500_when_exception_is_thrown(_): self.assertEqual(500, request.responseCode) self.assertEqual('Something went wrong!', request.written[0]) d.addCallback(assert_500_when_exception_is_thrown) return d
class TestSandBoxResource(unittest.TestCase): def setUp(self): static_folder = os.path.dirname(os.path.abspath(__file__)) self.resource = SandboxResource(static_folder) self.resource.isLeaf = True self.web = DummySite(self.resource) @defer.inlineCallbacks def test_render_GET_should_set_sandbox_csp_header(self): request = DummyRequest(['/sandbox']) request.method = 'GET' request.isSecure = lambda: True request.redirect = lambda _: 'irrelevant' expected_csp_headers = "sandbox allow-popups allow-scripts;" \ "default-src 'self';" \ "style-src *;" \ "script-src *;" \ "font-src *;" \ "img-src *;" \ "object-src 'none';" \ "connect-src 'none';" yield self.web.get(request) self.assertEquals(expected_csp_headers, request.responseHeaders.getRawHeaders('X-Content-Security-Policy'.lower())[0]) self.assertEquals(expected_csp_headers, request.responseHeaders.getRawHeaders('Content-Security-Policy'.lower())[0]) self.assertEquals(expected_csp_headers, request.responseHeaders.getRawHeaders('X-Webkit-CSP'.lower())[0])
def setUp(self): self.services_factory = MagicMock() self.authenticator = MagicMock() self.leap_provider = MagicMock() self.leap_provider.server_name = 'test.com' self.resource = BackupAccountResource(self.services_factory, self.authenticator, self.leap_provider) self.web = DummySite(self.resource)
class TestRootResource(unittest.TestCase): MAIL_ADDRESS = '*****@*****.**' def setUp(self): self.mail_service = mock() self.services_factory = mock() self.services_factory.mode = UserAgentMode(is_single_user=True) self.services = mock() self.services.mail_service = self.mail_service self.services_factory._services_by_user = {'someuserid': self.mail_service} when(self.services_factory).services(ANY()).thenReturn(self.services) self.mail_service.account_email = self.MAIL_ADDRESS root_resource = RootResource(self.services_factory) root_resource._html_template = "<html><head><title>$account_email</title></head></html>" root_resource._mode = root_resource self.web = DummySite(root_resource) def test_render_GET_should_template_account_email(self): request = DummyRequest(['']) d = self.web.get(request) def assert_response(_): expected = "<title>{0}</title>".format(self.MAIL_ADDRESS) matches = re.findall(expected, request.written[0]) self.assertEquals(len(matches), 1) d.addCallback(assert_response) return d
class TestLogoutResource(unittest.TestCase): def setUp(self): self.services_factory = MagicMock() self.resource = LogoutResource(self.services_factory) self.services_factory.log_out_user.return_value = defer.succeed(None) self.web = DummySite(self.resource) @patch('twisted.web.util.redirectTo') def test_logout(self, mock_redirect): request = DummyRequest(['/logout']) request.method = 'POST' session = self.resource.get_session(request) session.expire = MagicMock() mock_redirect.return_value = 'some redirect response' d = self.web.get(request) def expire_session_and_redirect(_): session = self.resource.get_session(request) self.services_factory.log_out_user.assert_called_once_with(session.user_uuid) session.expire.assert_called_once_with() mock_redirect.assert_called_once_with('/login', request) d.addCallback(expire_session_and_redirect) return d def test_get_is_not_supported_for_logout(self): request = DummyRequest(['/logout']) request.method = 'GET' self.assertRaises(UnsupportedMethod, self.web.get, request)
class TestFeedbackResource(unittest.TestCase): def setUp(self): self.feedback_service = mock() self.services_factory = mock() self.services_factory.mode = UserAgentMode(is_single_user=True) self.services = mock() self.services.feedback_service = self.feedback_service self.services_factory._services_by_user = {'someuserid': self.feedback_service} when(self.services_factory).services(ANY()).thenReturn(self.services) self.web = DummySite(FeedbackResource(self.services_factory)) def test_sends_feedback_to_leap_web(self): request = DummyRequest(['/feedback']) request.method = 'POST' content = mock() when(content).read().thenReturn(json.dumps({'feedback': 'Pixelated is awesome!'})) request.content = content d = self.web.get(request) def assert_posted_feedback_to_leap_web(_): verify(self.feedback_service).open_ticket('Pixelated is awesome!') d.addCallback(assert_posted_feedback_to_leap_web) return d
class TestUserSettingsResource(unittest.TestCase): def setUp(self): self.services = mock() self.mail_service = mock() self.mail_service.account_email = MAIL_ADDRESS self.keymanager = mock() self.services_factory = mock() self.services_factory.mode = UserAgentMode(is_single_user=True) self.services.mail_service = self.mail_service self.services.keymanager = self.keymanager self.services_factory._services_by_user = {'someuserid': self.keymanager} self.resource = UserSettingsResource(self.services_factory) when(self.services_factory).services(any()).thenReturn(self.services) self.web = DummySite(self.resource) def test_fingerprint_given(self): key = OpenPGPKey(MAIL_ADDRESS) key.fingerprint = FINGERPRINT request = DummyRequest(['/user-settings']) when(self.keymanager).fetch_key(MAIL_ADDRESS).thenReturn(defer.succeed(key)) d = self.web.get(request) def assert_response(_): response = json.loads(request.written[0]) self.assertEqual(FINGERPRINT, response['fingerprint']) self.assertEqual(MAIL_ADDRESS, response['account_email']) d.addCallback(assert_response) return d def test_fingerprint_missing(self): key = OpenPGPKey(MAIL_ADDRESS) key.fingerprint = FINGERPRINT request = DummyRequest(['/user-settings']) when(self.keymanager).fetch_key(MAIL_ADDRESS).thenReturn(defer.fail(Failure)) d = self.web.get(request) def assert_response(_): response = json.loads(request.written[0]) self.assertEqual(FINGERPRINT_NOT_FOUND, response['fingerprint']) self.assertEqual(MAIL_ADDRESS, response['account_email']) d.addCallback(assert_response) return d
def test_render_PUT_should_store_draft_with_attachments(self, mock_register): request = DummyRequest(['/mails']) request.method = 'PUT' content = mock() when(content).read().thenReturn('{"attachments": [{"ident": "some fake attachment id"}]}') when(self.mail_service).attachment('some fake attachment id').thenReturn(defer.Deferred()) request.content = content mails_resource = MailsResource(self.services_factory) mails_resource.isLeaf = True web = DummySite(mails_resource) d = web.get(request) def assert_response(_): verify(self.mail_service).attachment('some fake attachment id') d.addCallback(assert_response) return d
def setUp(self): self.keymanager = mock() self.services_factory = mock() self.services_factory.mode = UserAgentMode(is_single_user=True) self.services = mock() self.services.keymanager = self.keymanager self.services_factory._services_by_user = {'someuserid': self.keymanager} when(self.services_factory).services(ANY()).thenReturn(self.services) self.web = DummySite(KeysResource(self.services_factory))
def setUp(self): self.feedback_service = mock() self.services_factory = mock() self.services_factory.mode = UserAgentMode(is_single_user=True) self.services = mock() self.services.feedback_service = self.feedback_service self.services_factory._services_by_user = {'someuserid': self.feedback_service} when(self.services_factory).services(ANY()).thenReturn(self.services) self.web = DummySite(FeedbackResource(self.services_factory))
def test_render_GET_should_unicode_mails_search_query(self, mock_register): request = DummyRequest([]) non_unicode_search_term = 'coração' request.addArg('q', non_unicode_search_term) request.addArg('w', 25) request.addArg('p', 1) unicodified_search_term = u'coração' when(self.mail_service).mails(unicodified_search_term, 25, 1).thenReturn(defer.succeed(([], 0))) mails_resource = MailsResource(self.services_factory) web = DummySite(mails_resource) d = web.get(request) def assert_response(_): verify(self.mail_service).mails(unicodified_search_term, 25, 1) d.addCallback(assert_response) return d
def test_render_GET_should_unicode_mails_search_query(self, mock_register): request = DummyRequest(['/mails']) non_unicode_search_term = 'coração' request.addArg('q', non_unicode_search_term) request.addArg('w', 25) request.addArg('p', 1) unicodified_search_term = u'coração' when(self.mail_service).mails(unicodified_search_term, 25, 1).thenReturn(defer.Deferred()) mails_resource = MailsResource(self.services_factory) mails_resource.isLeaf = True web = DummySite(mails_resource) d = web.get(request) def assert_response(_): verify(self.mail_service).mails(unicodified_search_term, 25, 1) d.addCallback(assert_response) return d
def setUp(self): self.mail_service = mock() self.services_factory = mock() self.services_factory.mode = UserAgentMode(is_single_user=True) self.services = mock() self.services.mail_service = self.mail_service self.services_factory._services_by_user = {'someuserid': self.mail_service} when(self.services_factory).services(ANY()).thenReturn(self.services) self.mails_resource = AttachmentsResource(self.services_factory) self.mails_resource.isLeaf = True self.web = DummySite(self.mails_resource)
def test_render_POST_should_send_email_with_attachments(self, mock_register): request = DummyRequest([]) request.method = 'POST' request.content = mock() when(request.content).read().thenReturn('{"attachments": [{"ident": "some fake attachment id"}]}') when(self.mail_service).attachment('some fake attachment id').thenReturn(defer.succeed({"content": "some content"})) as_dictable = mock() when(as_dictable).as_dict().thenReturn({}) when(self.mail_service).send_mail({"attachments": [{"ident": "some fake attachment id", "raw": "some content"}]})\ .thenReturn(defer.succeed(as_dictable)) mails_resource = MailsResource(self.services_factory) web = DummySite(mails_resource) d = web.get(request) def assert_response(_): verify(self.mail_service).attachment('some fake attachment id') verify(self.mail_service).send_mail({"attachments": [{"ident": "some fake attachment id", "raw": "some content"}]}) d.addCallback(assert_response) return d
def setUp(self): self.services = mock() self.mail_service = mock() self.mail_service.account_email = MAIL_ADDRESS self.keymanager = mock() self.services_factory = mock() self.services_factory.mode = UserAgentMode(is_single_user=True) self.services.mail_service = self.mail_service self.services.keymanager = self.keymanager self.services_factory._services_by_user = {'someuserid': self.keymanager} self.resource = UserSettingsResource(self.services_factory) when(self.services_factory).services(any()).thenReturn(self.services) self.web = DummySite(self.resource)
def setUp(self): self.mail_service = mock() self.services_factory = mock() self.services_factory.mode = UserAgentMode(is_single_user=True) self.services = mock() self.services.mail_service = self.mail_service self.services_factory._services_by_user = {'someuserid': self.mail_service} when(self.services_factory).services(ANY()).thenReturn(self.services) self.mail_service.account_email = self.MAIL_ADDRESS root_resource = RootResource(self.services_factory) root_resource._html_template = "<html><head><title>$account_email</title></head></html>" root_resource._mode = root_resource self.web = DummySite(root_resource)
def test_render_POST_should_send_email_with_attachments(self, mock_register): request = DummyRequest(['/mails']) request.method = 'POST' content = mock() when(content).read().thenReturn('{"attachments": [{"ident": "some fake attachment id"}]}') when(self.mail_service).attachment('some fake attachment id').thenReturn(defer.succeed({"content": "some content"})) as_dictable = mock() when(as_dictable).as_dict().thenReturn({}) when(self.mail_service).send_mail({"attachments": [{"ident": "some fake attachment id", "raw": "some content"}]})\ .thenReturn(defer.succeed(as_dictable)) request.content = content mails_resource = MailsResource(self.services_factory) mails_resource.isLeaf = True web = DummySite(mails_resource) d = web.get(request) def assert_response(_): verify(self.mail_service).attachment('some fake attachment id') verify(self.mail_service).send_mail({"attachments": [{"ident": "some fake attachment id", "raw": "some content"}]}) d.addCallback(assert_response) return d
def setUp(self): self.services_factory = mock() self.provider = mock() self.resource = LoginResource(self.services_factory, self.provider) self.web = DummySite(self.resource) self.request = DummyRequest(['']) username = '******' self.request.addArg('username', username) password = '******' self.username = username self.password = password self.request.addArg('password', password) self.request.method = 'POST' user_auth = mock() user_auth.uuid = 'some_user_uuid' self.user_auth = user_auth
class TestFeedbackResource(unittest.TestCase): def setUp(self): self.feedback_service = mock() self.web = DummySite(FeedbackResource(self.feedback_service)) def test_sends_feedback_to_leap_web(self): request = DummyRequest(['/feedback']) request.method = 'POST' content = mock() when(content).read().thenReturn(json.dumps({'feedback': 'Pixelated is awesome!'})) request.content = content d = self.web.get(request) def assert_posted_feedback_to_leap_web(_): verify(self.feedback_service).open_ticket('Pixelated is awesome!') d.addCallback(assert_posted_feedback_to_leap_web) return d
class TestFeedbackResource(unittest.TestCase): def setUp(self): self.feedback_service = mock() self.web = DummySite(FeedbackResource(self.feedback_service)) def test_sends_feedback_to_leap_web(self): request = DummyRequest(['/feedback']) request.method = 'POST' content = mock() when(content).read().thenReturn( json.dumps({'feedback': 'Pixelated is awesome!'})) request.content = content d = self.web.get(request) def assert_posted_feedback_to_leap_web(_): verify(self.feedback_service).open_ticket('Pixelated is awesome!') d.addCallback(assert_posted_feedback_to_leap_web) return d
class TestLogoutResource(unittest.TestCase): def setUp(self): self.services_factory = mock() self.resource = LogoutResource(self.services_factory) self.web = DummySite(self.resource) @patch('twisted.web.util.redirectTo') def test_logout(self, mock_redirect): request = DummyRequest(['/logout']) mock_redirect.return_value = 'haha' d = self.web.get(request) def expire_session_and_redirect(_): session = self.resource.get_session(request) self.assertFalse(session.is_logged_in()) mock_redirect.assert_called_once_with('/login', request) d.addCallback(expire_session_and_redirect) return d
class TestRootResource(unittest.TestCase): MAIL_ADDRESS = '*****@*****.**' def setUp(self): root_resource = RootResource() root_resource._mode = root_resource root_resource.account_email = self.MAIL_ADDRESS root_resource._html_template = "<html><head><title>$account_email</title></head></html>" self.web = DummySite(root_resource) def test_render_GET_should_template_account_email(self): request = DummyRequest(['']) d = self.web.get(request) def assert_response(_): expected = "<title>{0}</title>".format(self.MAIL_ADDRESS) matches = re.findall(expected, request.written[0]) self.assertEquals(len(matches), 1) d.addCallback(assert_response) return d
class TestArchiveResource(unittest.TestCase): def setUp(self): self.mail_service = mock() self.web = DummySite(MailsArchiveResource(self.mail_service)) def test_render_POST_should_archive_mails(self): request = DummyRequest(['/mails/archive']) request.method = 'POST' content = mock() when(content).read().thenReturn(json.dumps({'idents': ['1', '2']})) when(self.mail_service).archive_mail('1').thenReturn(defer.Deferred()) when(self.mail_service).archive_mail('2').thenReturn(defer.Deferred()) request.content = content d = self.web.get(request) def assert_response(_): verify(self.mail_service).archive_mail('1') verify(self.mail_service).archive_mail('2') d.addCallback(assert_response) return d
class TestArchiveResource(unittest.TestCase): def setUp(self): self.mail_service = mock() self.web = DummySite(MailsArchiveResource(self.mail_service)) def test_render_POST_should_archive_mails(self): request = DummyRequest(["/mails/archive"]) request.method = "POST" content = mock() when(content).read().thenReturn(json.dumps({"idents": ["1", "2"]})) when(self.mail_service).archive_mail("1").thenReturn(defer.Deferred()) when(self.mail_service).archive_mail("2").thenReturn(defer.Deferred()) request.content = content d = self.web.get(request) def assert_response(_): verify(self.mail_service).archive_mail("1") verify(self.mail_service).archive_mail("2") d.addCallback(assert_response) return d
class TestArchiveResource(unittest.TestCase): def setUp(self): self.mail_service = mock() self.web = DummySite(MailsArchiveResource(self.mail_service)) def test_render_POST_should_archive_mails(self): request = DummyRequest(['/mails/archive']) request.method = 'POST' idents = ['1', '2'] content = mock() when(content).read().thenReturn(json.dumps({'idents': ['1', '2']})) when(self.mail_service).archive_mail('1').thenReturn(defer.succeed(None)) when(self.mail_service).archive_mail('2').thenReturn(defer.succeed(None)) request.content = content d = self.web.get(request) def assert_response(_): verify(self.mail_service).archive_mail('1') verify(self.mail_service).archive_mail('2') d.addCallback(assert_response) return d
class AttachmentsResourceTest(unittest.TestCase): def setUp(self): self.mail_service = mock() self.services_factory = mock() self.services_factory.mode = UserAgentMode(is_single_user=True) self.services = mock() self.services.mail_service = self.mail_service self.services_factory._services_by_user = { 'someuserid': self.mail_service } when(self.services_factory).services(ANY()).thenReturn(self.services) self.mails_resource = AttachmentsResource(self.services_factory) self.mails_resource.isLeaf = True self.web = DummySite(self.mails_resource) @patch('cgi.FieldStorage') def test_post_new_attachment(self, mock_fields): request = DummyRequest(['/attachment']) request.method = 'POST' request.content = 'mocked' attachment_id = 'B5B4ED80AC3B894523D72E375DACAA2FC6606C18EDF680FE95903086C8B5E14A' _file = MagicMock() _file.value = 'some mocked value' _file.type = 'some mocked type' _file.filename = 'filename.txt' mock_fields.return_value = {'attachment': _file} when(self.mail_service).save_attachment( 'some mocked value', 'some mocked type').thenReturn(defer.succeed(attachment_id)) d = self.web.get(request) def assert_response(_): self.assertEqual(201, request.code) self.assertEqual('/attachment/%s' % attachment_id, request.headers['Location']) response_json = { 'ident': attachment_id, 'content-type': 'some mocked type', 'name': 'filename.txt', 'size': 17, 'encoding': 'base64' } self.assertEqual(response_json, json.loads(request.written[0])) verify(self.mail_service).save_attachment('some mocked value', 'some mocked type') d.addCallback(assert_response) return d @patch('cgi.FieldStorage') def test_post_attachment_fails(self, mock_fields): request = DummyRequest(['/attachment']) request.method = 'POST' request.content = 'mocked' _file = MagicMock() _file.value = 'some mocked value' _file.type = 'some mocked type' mock_fields.return_value = {'attachment': _file} when(self.mail_service).save_attachment('some mocked value', 'some mocked type').thenReturn( defer.fail(Exception)) d = self.web.get(request) def assert_response(_): self.assertEqual(500, request.code) self.assertFalse('Location' in request.headers) self.assertIn("message", json.loads(request.written[0])) verify(self.mail_service).save_attachment('some mocked value', 'some mocked type') d.addCallback(assert_response) return d
def setUp(self): self.services_factory = mock() self.resource = UsersResource(self.services_factory) self.web = DummySite(self.resource)
def setUp(self): static_folder = os.path.dirname(os.path.abspath(__file__)) self.resource = SandboxResource(static_folder) self.resource.isLeaf = True self.web = DummySite(self.resource)
def setUp(self): self.services_factory = mock() self.portal = mock() self.resource = LoginResource(self.services_factory, self.portal) self.web = DummySite(self.resource)
def setUp(self): self.keymanager = mock() self.web = DummySite(KeysResource(self.keymanager))
def setUp(self): self.mail_service = mock() self.web = DummySite(MailsArchiveResource(self.mail_service))
class TestRootResource(unittest.TestCase): MAIL_ADDRESS = '*****@*****.**' def setUp(self): self.mail_service = mock() self.services_factory = mock() self.services_factory.mode = UserAgentMode(is_single_user=True) self.services = mock() self.services.mail_service = self.mail_service self.services_factory._services_by_user = { 'someuserid': self.mail_service } when(self.services_factory).services(ANY()).thenReturn(self.services) self.mail_service.account_email = self.MAIL_ADDRESS root_resource = RootResource(self.services_factory) root_resource._html_template = "<html><head><title>$account_email</title></head></html>" root_resource._mode = root_resource self.web = DummySite(root_resource) self.root_resource = root_resource def test_render_GET_should_template_account_email(self): request = DummyRequest(['']) request.addCookie = lambda key, value: 'stubbed' d = self.web.get(request) def assert_response(_): expected = "<title>{0}</title>".format(self.MAIL_ADDRESS) matches = re.findall(expected, request.written[0]) self.assertEquals(len(matches), 1) d.addCallback(assert_response) return d def _test_should_renew_xsrf_cookie(self): request = DummyRequest(['']) request.addCookie = MagicMock() generated_csrf_token = 'csrf_token' mock_sha = MagicMock() mock_sha.hexdigest = MagicMock(return_value=generated_csrf_token) with patch('hashlib.sha256', return_value=mock_sha): d = self.web.get(request) def assert_csrf_cookie(_): request.addCookie.assert_called_once_with('XSRF-TOKEN', generated_csrf_token) d.addCallback(assert_csrf_cookie) return d def test_should_renew_xsrf_cookie_on_startup_mode(self): self.root_resource._mode = MODE_STARTUP self._test_should_renew_xsrf_cookie() def test_should_renew_xsrf_cookie_on_running_mode(self): self.root_resource._mode = MODE_RUNNING self._test_should_renew_xsrf_cookie() def test_should_unavailable_child_resource_during_startup(self): self.root_resource._mode = MODE_STARTUP request = DummyRequest(['/child']) request.getCookie = MagicMock(return_value='irrelevant -- stubbed') d = self.web.get(request) def assert_unavailable(_): self.assertEqual(503, request.responseCode) self.assertEqual("Service Unavailable", request.written[0]) d.addCallback(assert_unavailable) return d def _mock_ajax_csrf(self, request, csrf_token): request.requestHeaders.setRawHeaders('x-requested-with', ['XMLHttpRequest']) request.requestHeaders.setRawHeaders('x-xsrf-token', [csrf_token]) def test_should_unauthorize_child_resource_ajax_requests_when_csrf_mismatch( self): request = DummyRequest(['/child']) self._mock_ajax_csrf(request, 'stubbed csrf token') request.getCookie = MagicMock(return_value='mismatched csrf token') d = self.web.get(request) def assert_unauthorized(_): self.assertEqual(401, request.responseCode) self.assertEqual("Unauthorized!", request.written[0]) d.addCallback(assert_unauthorized) return d def test_should_authorize_child_resource_non_ajax_GET_requests(self): request = DummyRequest(['features']) request.getCookie = MagicMock(return_value='irrelevant -- stubbed') self.root_resource._child_resources.add('features', FeaturesResource()) self.root_resource._mode = MODE_RUNNING d = self.web.get(request) def assert_unauthorized(_): self.assertEqual(200, request.code) d.addCallback(assert_unauthorized) return d def test_should_unauthorize_child_resource_non_ajax_POST_requests_when_csrf_input_mismatch( self): request = DummyRequest(['mails']) request.method = 'POST' request.addArg('csrftoken', 'some csrf token') mock_content = MagicMock() mock_content.read = MagicMock(return_value={}) request.content = mock_content request.getCookie = MagicMock(return_value='mismatched csrf token') d = self.web.get(request) def assert_unauthorized(_): self.assertEqual(401, request.responseCode) self.assertEqual("Unauthorized!", request.written[0]) d.addCallback(assert_unauthorized) return d
class TestLoginResource(unittest.TestCase): def setUp(self): self.services_factory = mock() self.portal = mock() self.resource = LoginResource(self.services_factory, self.portal) self.web = DummySite(self.resource) def test_children_resources_are_unauthorized_when_not_logged_in(self): request = DummyRequest(['/some_child_resource']) d = self.web.get(request) def assert_unauthorized_resources(_): self.assertEqual(401, request.responseCode) self.assertEqual("Unauthorized!", request.written[0]) d.addCallback(assert_unauthorized_resources) return d @patch('pixelated.resources.session.PixelatedSession.is_logged_in') def test_there_are_no_grand_children_resources_when_logged_in( self, mock_is_logged_in): request = DummyRequest(['/login/grand_children']) mock_is_logged_in.return_value = True when(self.services_factory).is_logged_in(ANY()).thenReturn(True) d = self.web.get(request) def assert_resources_not_found(_): self.assertEqual(404, request.responseCode) self.assertIn("No Such Resource", request.written[0]) d.addCallback(assert_resources_not_found) return d def test_get(self): request = DummyRequest(['']) d = self.web.get(request) def assert_form_rendered(_): self.assertEqual(200, request.responseCode) form_action = 'action="/login"' form_method = 'method="post"' input_username = '******' input_password = '******' input_submit = 'name="login"' default_disclaimer = 'Some disclaimer' written_response = ''.join(request.written) self.assertIn(form_action, written_response) self.assertIn(form_method, written_response) self.assertIn(input_password, written_response) self.assertIn(input_submit, written_response) self.assertIn(input_username, written_response) self.assertIn(default_disclaimer, written_response) d.addCallback(assert_form_rendered) return d def _write(self, filename, content): with open(filename, 'w') as disclaimer_file: disclaimer_file.write(content) def test_override_login_disclaimer_message(self): request = DummyRequest(['']) banner_file_name = 'banner.txt' banner_disclaimer_content = '<p>some custom disclaimer</p>' self._write(banner_file_name, banner_disclaimer_content) self.resource._disclaimer_banner = 'service/_trial_temp/' + banner_file_name d = self.web.get(request) def assert_custom_disclaimer_rendered(_): self.assertEqual(200, request.responseCode) written_response = ''.join(request.written) self.assertIn(banner_disclaimer_content, written_response) def tear_down(_): os.remove(banner_file_name) d.addCallback(assert_custom_disclaimer_rendered) d.addCallback(tear_down) return d def test_non_xml_compliant_banner_will_send_default_invalid_format_banner( self): request = DummyRequest(['']) banner_file_name = 'banner.txt' xml_invalid_banner = '<p>some unclosed paragraph' self._write(banner_file_name, xml_invalid_banner) self.resource._disclaimer_banner = 'service/_trial_temp/' + banner_file_name d = self.web.get(request) def assert_default_invalid_banner_disclaimer_rendered(_): self.assertEqual(200, request.responseCode) written_response = ''.join(request.written) self.assertIn( "Invalid XML template format for service/_trial_temp/banner.txt.", written_response) def tear_down(_): os.remove(banner_file_name) d.addCallback(assert_default_invalid_banner_disclaimer_rendered) d.addCallback(tear_down) return d def test_wrong_banner_file_location_will_send_default_invalid_format_banner( self): request = DummyRequest(['']) non_existing_banner_file = 'banner.txt' self.resource._disclaimer_banner = non_existing_banner_file d = self.web.get(request) def assert_default_invalid_banner_disclaimer_rendered(_): self.assertEqual(200, request.responseCode) written_response = ''.join(request.written) self.assertIn( "Disclaimer banner file banner.txt could not be read or does not exit.", written_response) d.addCallback(assert_default_invalid_banner_disclaimer_rendered) return d
class TestKeysResource(unittest.TestCase): def setUp(self): self.keymanager = mock() self.services_factory = mock() self.services_factory.mode = UserAgentMode(is_single_user=True) self.services = mock() self.services.keymanager = self.keymanager self.services_factory._services_by_user = { 'someuserid': self.keymanager } when(self.services_factory).services(ANY()).thenReturn(self.services) self.web = DummySite(KeysResource(self.services_factory)) def test_returns_404_if_key_not_found(self): request = DummyRequest(['/keys']) request.addArg('search', '*****@*****.**') when(self.keymanager).fetch_key('*****@*****.**').thenReturn( defer.fail(KeyNotFound())) d = self.web.get(request) def assert_404(_): self.assertEquals(404, request.code) d.addCallback(assert_404) return d def test_returns_the_key_as_json_if_found(self): request = DummyRequest(['/keys']) request.addArg('search', 'some@key') when(self.keymanager).fetch_key('some@key').thenReturn( defer.succeed(OpenPGPKey('some@key'))) d = self.web.get(request) expected = { u'address': u'some@key', u'encr_used': False, u'fingerprint': u'', u'last_audited_at': 0, u'private': False, u'sign_used': False, u'tags': [u'keymanager-active'], u'type': u'OpenPGPKey-active', u'validation': u'Weak_Chain', u'version': 1, } def assert_response(_): actual = json.loads(ast.literal_eval(request.written[0])) self.assertEquals(expected, actual) d.addCallback(assert_response) return d def test_returns_unauthorized_if_key_is_private(self): request = DummyRequest(['/keys']) request.addArg('search', 'some@key') when(self.keymanager).fetch_key('some@key').thenReturn( defer.succeed(OpenPGPKey('some@key', private=True))) d = self.web.get(request) def assert_response(_): self.assertEquals(401, request.code) d.addCallback(assert_response) return d
class TestLoginPOST(unittest.TestCase): def setUp(self): self.services_factory = mock() self.portal = mock() self.provider = mock() self.resource = LoginResource(self.services_factory, self.portal) self.web = DummySite(self.resource) self.request = DummyRequest(['']) username = '******' self.request.addArg('username', username) password = '******' self.username = username self.password = password self.request.addArg('password', password) self.request.method = 'POST' leap_session = mock(LeapSession) user_auth = mock() user_auth.uuid = 'some_user_uuid' leap_session.user_auth = user_auth config = mock() config.leap_home = 'some_folder' leap_session.config = config leap_session.fresh_account = False self.leap_session = leap_session self.user_auth = user_auth def mock_user_has_services_setup(self): when(self.services_factory).is_logged_in('some_user_uuid').thenReturn( True) def test_login_responds_interstitial_and_add_corresponding_session_to_services_factory( self): irrelevant = None when(self.portal).login(ANY(), None, IResource).thenReturn( (irrelevant, self.leap_session, irrelevant)) when(self.services_factory).create_services_from( self.leap_session).thenAnswer(self.mock_user_has_services_setup) d = self.web.get(self.request) def assert_login_setup_service_for_user(_): verify(self.portal).login(ANY(), None, IResource) verify(self.services_factory).create_services_from( self.leap_session) interstitial_js_in_template = '<script src="startup-assets/Interstitial.js"></script>' self.assertIn(interstitial_js_in_template, self.request.written[0]) self.assertTrue(self.resource.is_logged_in(self.request)) d.addCallback(assert_login_setup_service_for_user) return d def test_login_does_not_reload_services_if_already_loaded(self): irrelevant = None when(self.portal).login(ANY(), None, IResource).thenReturn( (irrelevant, self.leap_session, irrelevant)) when(self.services_factory).is_logged_in('some_user_uuid').thenReturn( True) d = self.web.get(self.request) def assert_login_setup_service_for_user(_): verify(self.portal).login(ANY(), None, IResource) verify(self.services_factory).is_logged_in('some_user_uuid') verifyNoMoreInteractions(self.services_factory) interstitial_js_in_template = '<script src="startup-assets/Interstitial.js"></script>' self.assertIn(interstitial_js_in_template, self.request.written[0]) self.assertTrue(self.resource.is_logged_in(self.request)) d.addCallback(assert_login_setup_service_for_user) return d def test_should_return_form_back_with_error_message_when_login_fails(self): when(self.portal).login(ANY(), None, IResource).thenRaise(Exception()) d = self.web.get(self.request) def assert_login_setup_service_for_user(_): verify(self.portal).login(ANY(), None, IResource) self.assertEqual(401, self.request.responseCode) written_response = ''.join(self.request.written) self.assertIn('Invalid credentials', written_response) self.assertFalse(self.resource.is_logged_in(self.request)) d.addCallback(assert_login_setup_service_for_user) return d @patch('pixelated.bitmask_libraries.session.LeapSessionFactory.create') @patch('leap.auth.SRPAuth.authenticate') @patch('pixelated.config.services.Services.setup') def test_leap_session_is_not_created_when_leap_auth_fails( self, mock_service_setup, mock_leap_srp_auth, mock_leap_session_create): mock_leap_srp_auth.side_effect = SRPAuthenticationError() d = self.web.get(self.request) def assert_login_setup_service_for_user(_): verify(self.portal).login(ANY(), None, IResource) self.assertFalse(mock_leap_session_create.called) self.assertFalse(mock_service_setup.called) self.assertEqual(401, self.request.responseCode) self.assertFalse(self.resource.is_logged_in(self.request)) d.addCallback(assert_login_setup_service_for_user) return d @patch('twisted.web.util.redirectTo') @patch('pixelated.resources.session.PixelatedSession.is_logged_in') def test_should_not_process_login_if_already_logged_in( self, mock_logged_in, mock_redirect): mock_logged_in.return_value = True when(self.services_factory).is_logged_in(ANY()).thenReturn(True) mock_redirect.return_value = "mocked redirection" when(self.portal).login(ANY(), None, IResource).thenRaise(Exception()) d = self.web.get(self.request) def assert_login_setup_service_for_user(_): verifyZeroInteractions(self.portal) mock_redirect.assert_called_once_with('/', self.request) d.addCallback(assert_login_setup_service_for_user) return d
class TestKeysResource(unittest.TestCase): def setUp(self): self.keymanager = mock() self.web = DummySite(KeysResource(self.keymanager)) def test_returns_404_if_key_not_found(self): request = DummyRequest(['/keys']) request.addArg('search', '*****@*****.**') when(self.keymanager).fetch_key('*****@*****.**').thenReturn( defer.fail(KeyNotFound())) d = self.web.get(request) def assert_404(_): self.assertEquals(404, request.code) d.addCallback(assert_404) return d def test_returns_the_key_as_json_if_found(self): request = DummyRequest(['/keys']) request.addArg('search', 'some@key') when(self.keymanager).fetch_key('some@key').thenReturn( defer.succeed(OpenPGPKey('some@key'))) d = self.web.get(request) expected = { "tags": ["keymanager-key"], "fingerprint": '', "private": False, 'sign_used': False, 'refreshed_at': 0, "expiry_date": 0, "address": 'some@key', 'encr_used': False, 'last_audited_at': 0, 'key_data': '', 'length': 0, 'key_id': '', 'validation': 'Weak_Chain', 'type': 'OpenPGPKey', } def assert_response(_): actual = json.loads(ast.literal_eval(request.written[0])) self.assertEquals(expected, actual) d.addCallback(assert_response) return d def test_returns_unauthorized_if_key_is_private(self): request = DummyRequest(['/keys']) request.addArg('search', 'some@key') when(self.keymanager).fetch_key('some@key').thenReturn( defer.succeed(OpenPGPKey('some@key', private=True))) d = self.web.get(request) def assert_response(_): self.assertEquals(401, request.code) d.addCallback(assert_response) return d
class TestLoginResource(unittest.TestCase): def setUp(self): self.services_factory = mock() self.portal = mock() self.resource = LoginResource(self.services_factory, self.portal) self.web = DummySite(self.resource) def test_children_resources_are_unauthorized_when_not_logged_in(self): request = DummyRequest(['/some_child_resource']) d = self.web.get(request) def assert_unauthorized_resources(_): self.assertEqual(401, request.responseCode) self.assertEqual("Unauthorized!", request.written[0]) d.addCallback(assert_unauthorized_resources) return d @patch('pixelated.resources.session.PixelatedSession.is_logged_in') def test_there_are_no_grand_children_resources_when_logged_in(self, mock_is_logged_in): request = DummyRequest(['/login/grand_children']) mock_is_logged_in.return_value = True when(self.services_factory).is_logged_in(ANY()).thenReturn(True) d = self.web.get(request) def assert_resources_not_found(_): self.assertEqual(404, request.responseCode) self.assertIn("No Such Resource", request.written[0]) d.addCallback(assert_resources_not_found) return d def test_get(self): request = DummyRequest(['']) d = self.web.get(request) def assert_form_rendered(_): self.assertEqual(200, request.responseCode) form_action = 'action="/login"' form_method = 'method="post"' input_username = '******' input_password = '******' input_submit = 'name="login"' default_disclaimer = 'Some disclaimer' written_response = ''.join(request.written) self.assertIn(form_action, written_response) self.assertIn(form_method, written_response) self.assertIn(input_password, written_response) self.assertIn(input_submit, written_response) self.assertIn(input_username, written_response) self.assertIn(default_disclaimer, written_response) d.addCallback(assert_form_rendered) return d def _write(self, filename, content): with open(filename, 'w') as disclaimer_file: disclaimer_file.write(content) def test_override_login_disclaimer_message(self): request = DummyRequest(['']) banner_file_name = 'banner.txt' banner_disclaimer_content = '<p>some custom disclaimer</p>' self._write(banner_file_name, banner_disclaimer_content) self.resource._disclaimer_banner = 'service/_trial_temp/' + banner_file_name d = self.web.get(request) def assert_custom_disclaimer_rendered(_): self.assertEqual(200, request.responseCode) written_response = ''.join(request.written) self.assertIn(banner_disclaimer_content, written_response) def tear_down(_): os.remove(banner_file_name) d.addCallback(assert_custom_disclaimer_rendered) d.addCallback(tear_down) return d
def setUp(self): self.services_factory = MagicMock() self.resource = LogoutResource(self.services_factory) self.services_factory.log_out_user.return_value = defer.succeed(None) self.web = DummySite(self.resource)
class TestRootResource(unittest.TestCase): MAIL_ADDRESS = '*****@*****.**' def setUp(self): self.mail_service = mock() self.services_factory = mock() self.services_factory.mode = UserAgentMode(is_single_user=True) self.services = mock() self.services.mail_service = self.mail_service self.services_factory._services_by_user = {'someuserid': self.mail_service} when(self.services_factory).services(ANY()).thenReturn(self.services) self.mail_service.account_email = self.MAIL_ADDRESS root_resource = RootResource(self.services_factory) root_resource._html_template = "<html><head><title>$account_email</title></head></html>" root_resource._mode = root_resource self.web = DummySite(root_resource) self.root_resource = root_resource def test_render_GET_should_template_account_email(self): request = DummyRequest(['']) request.addCookie = lambda key, value: 'stubbed' d = self.web.get(request) def assert_response(_): expected = "<title>{0}</title>".format(self.MAIL_ADDRESS) matches = re.findall(expected, request.written[0]) self.assertEquals(len(matches), 1) d.addCallback(assert_response) return d def _test_should_renew_xsrf_cookie(self): request = DummyRequest(['']) request.addCookie = MagicMock() generated_csrf_token = 'csrf_token' mock_sha = MagicMock() mock_sha.hexdigest = MagicMock(return_value=generated_csrf_token) with patch('hashlib.sha256', return_value=mock_sha): d = self.web.get(request) def assert_csrf_cookie(_): request.addCookie.assert_called_once_with('XSRF-TOKEN', generated_csrf_token) d.addCallback(assert_csrf_cookie) return d def test_should_renew_xsrf_cookie_on_startup_mode(self): self.root_resource._mode = MODE_STARTUP self._test_should_renew_xsrf_cookie() def test_should_renew_xsrf_cookie_on_running_mode(self): self.root_resource._mode = MODE_RUNNING self._test_should_renew_xsrf_cookie() def test_should_unavailable_child_resource_during_startup(self): self.root_resource._mode = MODE_STARTUP request = DummyRequest(['/child']) request.getCookie = MagicMock(return_value='irrelevant -- stubbed') d = self.web.get(request) def assert_unavailable(_): self.assertEqual(503, request.responseCode) self.assertEqual("Service Unavailable", request.written[0]) d.addCallback(assert_unavailable) return d def _mock_ajax_csrf(self, request, csrf_token): request.requestHeaders.setRawHeaders('x-requested-with', ['XMLHttpRequest']) request.requestHeaders.setRawHeaders('x-xsrf-token', [csrf_token]) def test_should_unauthorize_child_resource_ajax_requests_when_csrf_mismatch(self): request = DummyRequest(['/child']) request.method = 'POST' self._mock_ajax_csrf(request, 'stubbed csrf token') request.getCookie = MagicMock(return_value='mismatched csrf token') d = self.web.get(request) def assert_unauthorized(_): self.assertEqual(401, request.responseCode) self.assertEqual("Unauthorized!", request.written[0]) d.addCallback(assert_unauthorized) return d def test_should_404_non_existing_resource_with_valid_csrf(self): request = DummyRequest(['/non-existing-child']) request.method = 'POST' self._mock_ajax_csrf(request, 'stubbed csrf token') request.getCookie = MagicMock(return_value='stubbed csrf token') d = self.web.get(request) def assert_not_found(_): self.assertEqual(404, request.responseCode) self.assertIn("No Such Resource", request.written[0]) d.addCallback(assert_not_found) return d def test_should_authorize_child_resource_non_ajax_GET_requests(self): request = DummyRequest(['features']) request.getCookie = MagicMock(return_value='irrelevant -- stubbed') self.root_resource._child_resources.add('features', FeaturesResource()) self.root_resource._mode = MODE_RUNNING d = self.web.get(request) def assert_unauthorized(_): self.assertEqual(200, request.code) d.addCallback(assert_unauthorized) return d def test_should_unauthorize_child_resource_non_ajax_POST_requests_when_csrf_input_mismatch(self): request = DummyRequest(['mails']) request.method = 'POST' request.addArg('csrftoken', 'some csrf token') mock_content = MagicMock() mock_content.read = MagicMock(return_value={}) request.content = mock_content request.getCookie = MagicMock(return_value='mismatched csrf token') d = self.web.get(request) def assert_unauthorized(_): self.assertEqual(401, request.responseCode) self.assertEqual("Unauthorized!", request.written[0]) d.addCallback(assert_unauthorized) return d
def setUp(self): self.feedback_service = mock() self.web = DummySite(FeedbackResource(self.feedback_service))