def test_update_session(self):
"""
Verify that accessing a session after one day updates the sessions
'last_visit' variable so that the session doesn't get purged.
"""
now = time.time()
# Make sure the session has data so that it doesn't get dropped
cursor = self.db.cursor()
cursor.executemany("INSERT INTO session VALUES ('123456', 0, %s, %s)",
[('last_visit', int(now - UPDATE_INTERVAL - 3600)),
('foo', 'bar')])
incookie = Cookie()
incookie['trac_session'] = '123456'
outcookie = Cookie()
req = Mock(authname='anonymous', cgi_location='/', incookie=incookie,
outcookie=outcookie)
session = Session(self.env, req)
session.save() # updating should not require modifications
self.assertEqual(PURGE_AGE, outcookie['trac_session']['expires'])
cursor.execute("SELECT var_value FROM session WHERE sid='123456' AND "
"authenticated=0 AND var_name='last_visit'")
self.assertAlmostEqual(now, int(cursor.fetchone()[0]), -1)
def test_authenticated_session_independence_var(self):
"""
Verify that an anonymous session with the same name as an authenticated
session doesn't interfere with the latter.
"""
cursor = self.db.cursor()
cursor.execute("INSERT INTO session VALUES ('john', 1, 0)")
cursor.execute("INSERT INTO session_attribute VALUES "
"('john', 1, 'foo', 'bar')")
cursor.execute("SELECT value FROM session_attribute "
"WHERE sid='john' AND authenticated=1 AND name='foo'")
self.assertEqual('bar', cursor.fetchone()[0])
incookie = Cookie()
incookie['trac_session'] = 'john'
req = Mock(authname='anonymous', base_path='/', incookie=incookie,
outcookie=Cookie())
session = Session(self.env, req)
self.assert_('foo' not in session)
session['foo'] = 'baz'
session.save()
cursor.execute("SELECT value FROM session_attribute "
"WHERE sid='john' AND authenticated=1 AND name='foo'")
rows = cursor.fetchall()
self.assertEqual(1, len(rows))
self.assertEqual('bar', rows[0][0])
cursor.execute("SELECT value FROM session_attribute "
"WHERE sid='john' AND authenticated=0 AND name='foo'")
rows = cursor.fetchall()
self.assertEqual(1, len(rows))
self.assertEqual('baz', rows[0][0])
def test_authenticated_session_independence_var(self):
"""
Verify that an anonymous session with the same name as an authenticated
session doesn't interfere with the latter.
"""
cursor = self.db.cursor()
cursor.execute("INSERT INTO session VALUES ('john', 1, 0)")
cursor.execute("INSERT INTO session_attribute VALUES "
"('john', 1, 'foo', 'bar')")
cursor.execute("SELECT value FROM session_attribute "
"WHERE sid='john' AND authenticated=1 AND name='foo'")
self.assertEqual('bar', cursor.fetchone()[0])
incookie = Cookie()
incookie['trac_session'] = 'john'
req = Mock(authname='anonymous',
base_path='/',
incookie=incookie,
outcookie=Cookie())
session = Session(self.env, req)
self.assert_('foo' not in session)
session['foo'] = 'baz'
session.save()
cursor.execute("SELECT value FROM session_attribute "
"WHERE sid='john' AND authenticated=1 AND name='foo'")
rows = cursor.fetchall()
self.assertEqual(1, len(rows))
self.assertEqual('bar', rows[0][0])
cursor.execute("SELECT value FROM session_attribute "
"WHERE sid='john' AND authenticated=0 AND name='foo'")
rows = cursor.fetchall()
self.assertEqual(1, len(rows))
self.assertEqual('baz', rows[0][0])
def test_update_session(self):
"""
Verify that accessing a session after one day updates the sessions
'last_visit' variable so that the session doesn't get purged.
"""
now = time.time()
# Make sure the session has data so that it doesn't get dropped
cursor = self.db.cursor()
cursor.execute("INSERT INTO session VALUES ('123456', 0, 1)")
cursor.execute("INSERT INTO session_attribute VALUES "
"('123456', 0, 'foo', 'bar')")
incookie = Cookie()
incookie['trac_session'] = '123456'
outcookie = Cookie()
req = Mock(authname='anonymous',
base_path='/',
incookie=incookie,
outcookie=outcookie)
session = Session(self.env, req)
session.save() # updating should not require modifications
self.assertEqual(PURGE_AGE, outcookie['trac_session']['expires'])
cursor.execute("SELECT last_visit FROM session WHERE sid='123456' AND "
"authenticated=0")
self.assertAlmostEqual(now, int(cursor.fetchone()[0]), -1)
def _purge_anonymous_session(self):
now = int(time_now())
lifetime = 90 * 86400 # default lifetime
with self.env.db_transaction as db:
db.executemany("INSERT INTO session VALUES (%s, 0, %s)",
[('123456', 0), ('987654', now - lifetime - 3600),
('876543', now - lifetime + 3600),
('765432', now - 3600)])
db.executemany(
"""
INSERT INTO session_attribute
VALUES (%s, 0, 'foo', 'bar')
""", [('987654', ), ('876543', ), ('765432', )])
with self.env.db_transaction as db:
# We need to modify a different session to trigger the purging
req = MockRequest(self.env, authname='anonymous')
req.incookie['trac_session'] = '123456'
session = Session(self.env, req)
session['foo'] = 'bar'
session.save()
return [
row[0] for row in self.env.db_query("""
SELECT sid FROM session WHERE authenticated=0 ORDER BY sid
""")
]
def test_purge_anonymous_session(self):
"""
Verify that old sessions get purged.
"""
with self.env.db_transaction as db:
db("INSERT INTO session VALUES ('123456', 0, %s)", (0,))
db("INSERT INTO session VALUES ('987654', 0, %s)",
(int(time.time() - PURGE_AGE - 3600),))
db("""
INSERT INTO session_attribute
VALUES ('987654', 0, 'foo', 'bar')
""")
# We need to modify a different session to trigger the purging
incookie = Cookie()
incookie['trac_session'] = '123456'
req = Mock(authname='anonymous', base_path='/', incookie=incookie,
outcookie=Cookie())
session = Session(self.env, req)
session['foo'] = 'bar'
session.save()
self.assertEqual(0, self.env.db_query("""
SELECT COUNT(*) FROM session WHERE sid='987654' AND authenticated=0
""")[0][0])
def test_change_anonymous_session(self):
"""
Verify that changing from one anonymous session to an inexisting
anonymous session creates the new session and doesn't carry over
variables from the previous session.
"""
with self.env.db_transaction as db:
db("INSERT INTO session VALUES ('123456', 0, 0)")
db("""
INSERT INTO session_attribute
VALUES ('123456', 0, 'foo', 'bar')
""")
incookie = Cookie()
incookie['trac_session'] = '123456'
req = Mock(authname='anonymous', base_path='/', incookie=incookie,
outcookie=Cookie())
session = Session(self.env, req)
self.assertEqual({'foo': 'bar'}, session)
session.get_session('7890')
session['baz'] = 'moo'
session.save()
self.assertEqual({'baz': 'moo'}, session)
with self.env.db_query as db:
self.assertEqual(1, db("""
SELECT COUNT(*) FROM session
WHERE sid='7890' AND authenticated=0
""")[0][0])
self.assertEqual([('baz', 'moo')], db("""
SELECT name, value FROM session_attribute
WHERE sid='7890' AND authenticated=0
"""))
def test_delete_empty_session(self):
"""
Verify that a session gets deleted when it doesn't have any data except
for the 'last_visit' timestamp.
"""
now = time.time()
# Make sure the session has data so that it doesn't get dropped
cursor = self.db.cursor()
cursor.execute("INSERT INTO session "
"VALUES ('123456', 0, %s)",
(int(now - UPDATE_INTERVAL - 3600),))
cursor.execute("INSERT INTO session_attribute VALUES "
"('123456', 0, 'foo', 'bar')")
incookie = Cookie()
incookie['trac_session'] = '123456'
req = Mock(authname='anonymous', base_path='/', incookie=incookie,
outcookie=Cookie())
session = Session(self.env, req)
del session['foo']
session.save()
cursor.execute("SELECT COUNT(*) FROM session WHERE sid='123456' AND "
"authenticated=0")
self.assertEqual(0, cursor.fetchone()[0])
def test_purge_anonymous_session(self):
"""
Verify that old sessions get purged.
"""
cursor = self.db.cursor()
cursor.execute("INSERT INTO session "
"VALUES ('123456', 0, %s)",
(0,))
cursor.execute("INSERT INTO session "
"VALUES ('987654', 0, %s)",
(int(time.time() - PURGE_AGE - 3600),))
cursor.execute("INSERT INTO session_attribute VALUES "
"('987654', 0, 'foo', 'bar')")
# We need to modify a different session to trigger the purging
incookie = Cookie()
incookie['trac_session'] = '123456'
req = Mock(authname='anonymous', base_path='/', incookie=incookie,
outcookie=Cookie())
session = Session(self.env, req)
session['foo'] = 'bar'
session.save()
cursor.execute("SELECT COUNT(*) FROM session WHERE sid='987654' AND "
"authenticated=0")
self.assertEqual(0, cursor.fetchone()[0])
def test_delete_empty_session(self):
"""
Verify that a session gets deleted when it doesn't have any data except
for the 'last_visit' timestamp.
"""
now = time.time()
# Make sure the session has data so that it doesn't get dropped
with self.env.db_transaction as db:
db("INSERT INTO session VALUES ('123456', 0, %s)",
(int(now - UPDATE_INTERVAL - 3600), ))
db("""
INSERT INTO session_attribute
VALUES ('123456', 0, 'foo', 'bar')
""")
incookie = Cookie()
incookie['trac_session'] = '123456'
req = Mock(authname='anonymous',
base_path='/',
incookie=incookie,
outcookie=Cookie())
session = Session(self.env, req)
del session['foo']
session.save()
self.assertEqual(
0,
self.env.db_query("""
SELECT COUNT(*) FROM session WHERE sid='123456' AND authenticated=0
""")[0][0])
def test_purge_anonymous_session(self):
"""
Verify that old sessions get purged.
"""
with self.env.db_transaction as db:
db("INSERT INTO session VALUES ('123456', 0, %s)", (0, ))
db("INSERT INTO session VALUES ('987654', 0, %s)",
(int(time.time() - PURGE_AGE - 3600), ))
db("""
INSERT INTO session_attribute
VALUES ('987654', 0, 'foo', 'bar')
""")
# We need to modify a different session to trigger the purging
incookie = Cookie()
incookie['trac_session'] = '123456'
req = Mock(authname='anonymous',
base_path='/',
incookie=incookie,
outcookie=Cookie())
session = Session(self.env, req)
session['foo'] = 'bar'
session.save()
self.assertEqual(
0,
self.env.db_query("""
SELECT COUNT(*) FROM session WHERE sid='987654' AND authenticated=0
""")[0][0])
def test_update_session(self):
"""
Verify that accessing a session after one day updates the sessions
'last_visit' variable so that the session doesn't get purged.
"""
now = time.time()
# Make sure the session has data so that it doesn't get dropped
with self.env.db_transaction as db:
db("INSERT INTO session VALUES ('123456', 0, 1)")
db("""
INSERT INTO session_attribute
VALUES ('123456', 0, 'foo', 'bar')
""")
incookie = Cookie()
incookie['trac_session'] = '123456'
outcookie = Cookie()
req = Mock(authname='anonymous',
base_path='/',
incookie=incookie,
outcookie=outcookie)
session = Session(self.env, req)
session['modified'] = True
session.save() # updating does require modifications
self.assertEqual(PURGE_AGE, outcookie['trac_session']['expires'])
self.assertAlmostEqual(
now,
int(
self.env.db_query("""
SELECT last_visit FROM session
WHERE sid='123456' AND authenticated=0
""")[0][0]), -1)
def test_delete_anonymous_session_var(self):
"""
Verify that modifying a variable updates the 'session' table accordingly
for an anonymous session.
"""
with self.env.db_transaction as db:
db("INSERT INTO session VALUES ('123456', 0, 0)")
db(
"""
INSERT INTO session_attribute VALUES
('123456', 0, 'foo', 'bar')
"""
)
incookie = Cookie()
incookie["trac_session"] = "123456"
req = Mock(authname="anonymous", base_path="/", incookie=incookie, outcookie=Cookie())
session = Session(self.env, req)
self.assertEqual("bar", session["foo"])
del session["foo"]
session.save()
self.assertEqual(
0,
self.env.db_query(
"""
SELECT COUNT(*) FROM session_attribute
WHERE sid='123456' AND name='foo'
"""
)[0][0],
)
def test_change_anonymous_session(self):
"""
Verify that changing from one anonymous session to an inexisting
anonymous session creates the new session and doesn't carry over
variables from the previous session.
"""
cursor = self.db.cursor()
cursor.execute("INSERT INTO session VALUES ('123456', 0, 0)")
cursor.execute("INSERT INTO session_attribute VALUES "
"('123456', 0, 'foo', 'bar')")
incookie = Cookie()
incookie['trac_session'] = '123456'
req = Mock(authname='anonymous', base_path='/', incookie=incookie,
outcookie=Cookie())
session = Session(self.env, req)
self.assertEqual({'foo': 'bar'}, session)
session.get_session('7890')
session['baz'] = 'moo'
session.save()
self.assertEqual({'baz': 'moo'}, session)
cursor.execute("SELECT COUNT(*) FROM session WHERE sid='7890' AND "
"authenticated=0")
self.assertEqual(1, cursor.fetchone()[0])
cursor.execute("SELECT name, value FROM session_attribute "
"WHERE sid='7890' AND authenticated=0")
self.assertEqual([('baz', 'moo')], cursor.fetchall())
def test_delete_empty_session(self):
"""
Verify that a session gets deleted when it doesn't have any data except
for the 'last_visit' timestamp.
"""
now = time.time()
# Make sure the session has data so that it doesn't get dropped
with self.env.db_transaction as db:
db("INSERT INTO session VALUES ('123456', 0, %s)",
(int(now - UPDATE_INTERVAL - 3600),))
db("""
INSERT INTO session_attribute
VALUES ('123456', 0, 'foo', 'bar')
""")
incookie = Cookie()
incookie['trac_session'] = '123456'
req = Mock(authname='anonymous', base_path='/', incookie=incookie,
outcookie=Cookie())
session = Session(self.env, req)
del session['foo']
session.save()
self.assertEqual(0, self.env.db_query("""
SELECT COUNT(*) FROM session WHERE sid='123456' AND authenticated=0
""")[0][0])
def test_delete_anonymous_session_var(self):
"""
Verify that modifying a variable updates the 'session' table accordingly
for an anonymous session.
"""
with self.env.db_transaction as db:
db("INSERT INTO session VALUES ('123456', 0, 0)")
db("""
INSERT INTO session_attribute VALUES
('123456', 0, 'foo', 'bar')
""")
incookie = Cookie()
incookie['trac_session'] = '123456'
req = Mock(authname='anonymous',
base_path='/',
incookie=incookie,
outcookie=Cookie())
session = Session(self.env, req)
self.assertEqual('bar', session['foo'])
del session['foo']
session.save()
self.assertEqual(
0,
self.env.db_query("""
SELECT COUNT(*) FROM session_attribute
WHERE sid='123456' AND name='foo'
""")[0][0])
def test_update_session(self):
"""
Verify that accessing a session after one day updates the sessions
'last_visit' variable so that the session doesn't get purged.
"""
now = time.time()
# Make sure the session has data so that it doesn't get dropped
cursor = self.db.cursor()
cursor.execute("INSERT INTO session VALUES ('123456', 0, 1)")
cursor.execute("INSERT INTO session_attribute VALUES "
"('123456', 0, 'foo', 'bar')")
incookie = Cookie()
incookie['trac_session'] = '123456'
outcookie = Cookie()
req = Mock(authname='anonymous', base_path='/', incookie=incookie,
outcookie=outcookie)
session = Session(self.env, req)
session.save() # updating should not require modifications
self.assertEqual(PURGE_AGE, outcookie['trac_session']['expires'])
cursor.execute("SELECT last_visit FROM session WHERE sid='123456' AND "
"authenticated=0")
self.assertAlmostEqual(now, int(cursor.fetchone()[0]), -1)
def test_update_session(self):
"""
Verify that accessing a session after one day updates the sessions
'last_visit' variable so that the session doesn't get purged.
"""
now = time.time()
# Make sure the session has data so that it doesn't get dropped
with self.env.db_transaction as db:
db("INSERT INTO session VALUES ('123456', 0, 1)")
db("""
INSERT INTO session_attribute
VALUES ('123456', 0, 'foo', 'bar')
""")
incookie = Cookie()
incookie['trac_session'] = '123456'
outcookie = Cookie()
req = Mock(authname='anonymous', base_path='/', incookie=incookie,
outcookie=outcookie)
session = Session(self.env, req)
session['modified'] = True
session.save() # updating does require modifications
self.assertEqual(PURGE_AGE, outcookie['trac_session']['expires'])
self.assertAlmostEqual(now, int(self.env.db_query("""
SELECT last_visit FROM session
WHERE sid='123456' AND authenticated=0
""")[0][0]), -1)
def test_purge_anonymous_session(self):
"""
Verify that old sessions get purged.
"""
cursor = self.db.cursor()
cursor.execute("INSERT INTO session "
"VALUES ('123456', 0, %s)", (0, ))
cursor.execute("INSERT INTO session "
"VALUES ('987654', 0, %s)",
(int(time.time() - PURGE_AGE - 3600), ))
cursor.execute("INSERT INTO session_attribute VALUES "
"('987654', 0, 'foo', 'bar')")
# We need to modify a different session to trigger the purging
incookie = Cookie()
incookie['trac_session'] = '123456'
req = Mock(authname='anonymous',
base_path='/',
incookie=incookie,
outcookie=Cookie())
session = Session(self.env, req)
session['foo'] = 'bar'
session.save()
cursor.execute("SELECT COUNT(*) FROM session WHERE sid='987654' AND "
"authenticated=0")
self.assertEqual(0, cursor.fetchone()[0])
def test_delete_empty_session(self):
"""
Verify that a session gets deleted when it doesn't have any data except
for the 'last_visit' timestamp.
"""
now = time.time()
# Make sure the session has data so that it doesn't get dropped
cursor = self.db.cursor()
cursor.execute("INSERT INTO session "
"VALUES ('123456', 0, %s)",
(int(now - UPDATE_INTERVAL - 3600), ))
cursor.execute("INSERT INTO session_attribute VALUES "
"('123456', 0, 'foo', 'bar')")
incookie = Cookie()
incookie['trac_session'] = '123456'
req = Mock(authname='anonymous',
base_path='/',
incookie=incookie,
outcookie=Cookie())
session = Session(self.env, req)
del session['foo']
session.save()
cursor.execute("SELECT COUNT(*) FROM session WHERE sid='123456' AND "
"authenticated=0")
self.assertEqual(0, cursor.fetchone()[0])
def test_authenticated_session_independence_var(self):
"""
Verify that an anonymous session with the same name as an authenticated
session doesn't interfere with the latter.
"""
with self.env.db_transaction as db:
db("INSERT INTO session VALUES ('john', 1, 0)")
db("INSERT INTO session_attribute VALUES ('john',1,'foo','bar')")
self.assertEqual('bar', self.env.db_query("""
SELECT value FROM session_attribute
WHERE sid='john' AND authenticated=1 AND name='foo'
""")[0][0])
incookie = Cookie()
incookie['trac_session'] = 'john'
req = Mock(authname='anonymous', base_path='/', incookie=incookie,
outcookie=Cookie())
session = Session(self.env, req)
self.assert_('foo' not in session)
session['foo'] = 'baz'
session.save()
rows = self.env.db_query("""
SELECT value FROM session_attribute
WHERE sid='john' AND authenticated=1 AND name='foo'
""")
self.assertEqual(1, len(rows))
self.assertEqual('bar', rows[0][0])
rows = self.env.db_query("""
SELECT value FROM session_attribute
WHERE sid='john' AND authenticated=0 AND name='foo'
""")
self.assertEqual(1, len(rows))
self.assertEqual('baz', rows[0][0])
def _test_authenticated_session(self, username):
"""
Verifies that a session cookie does not get used if the user is logged
in, and that Trac expires the cookie.
"""
req = MockRequest(self.env, authname=username)
req.incookie['trac_session'] = '123456'
session = Session(self.env, req)
self.assertEqual(username, session.sid)
session['foo'] = 'bar'
session.save()
self.assertEqual(0, req.outcookie['trac_session']['expires'])
def _test_authenticated_session(self, username, fullname, email):
"""
Verifies that a session cookie does not get used if the user is logged
in, and that Trac expires the cookie.
"""
req = MockRequest(self.env, authname=username)
req.incookie['trac_session'] = '123456'
session = Session(self.env, req)
self.assertEqual(username, session.sid)
session['email'] = email
session['name'] = fullname
session.save()
def test_add_authenticated_session_var(self):
"""
Verify that new variables are inserted into the 'session' table in the
database for an authenticted session.
"""
req = Mock(authname='john', cgi_location='/', incookie=Cookie())
session = Session(self.env, req)
session['foo'] = 'bar'
session.save()
cursor = self.db.cursor()
cursor.execute("SELECT var_value FROM session WHERE sid='john' AND "
"authenticated=1 AND var_name='foo'")
self.assertEqual('bar', cursor.fetchone()[0])
def test_add_anonymous_session_var(self):
"""
Verify that new variables are inserted into the 'session' table in the
database for an anonymous session.
"""
incookie = Cookie()
incookie["trac_session"] = "123456"
req = Mock(authname="anonymous", base_path="/", incookie=incookie, outcookie=Cookie())
session = Session(self.env, req)
session["foo"] = "bar"
session.save()
self.assertEqual("bar", self.env.db_query("SELECT value FROM session_attribute WHERE sid='123456'")[0][0])
def test_add_anonymous_session_var(self):
"""
Verify that new variables are inserted into the 'session' table in the
database for an anonymous session.
"""
req = MockRequest(self.env, authname='anonymous')
req.incookie['trac_session'] = '123456'
session = Session(self.env, req)
session['foo'] = 'bar'
session.save()
self.assertEqual('bar', self.env.db_query(
"SELECT value FROM session_attribute WHERE sid='123456'")[0][0])
def test_add_authenticated_session_var(self):
"""
Verify that new variables are inserted into the 'session' table in the
database for an authenticated session.
"""
req = Mock(authname='john', base_path='/', incookie=Cookie())
session = Session(self.env, req)
session['foo'] = 'bar'
session.save()
self.assertEqual('bar', self.env.db_query("""
SELECT value FROM session_attribute WHERE sid='john' AND name='foo'
""")[0][0])
def test_authenticated_session(self):
"""
Verifies that a session cookie does not get used if the user is logged
in, and that Trac expires the cookie.
"""
incookie = Cookie()
incookie["trac_session"] = "123456"
outcookie = Cookie()
req = Mock(authname="john", base_path="/", incookie=incookie, outcookie=outcookie)
session = Session(self.env, req)
self.assertEqual("john", session.sid)
session["foo"] = "bar"
session.save()
self.assertEquals(0, outcookie["trac_session"]["expires"])
def test_add_anonymous_session_var(self):
"""
Verify that new variables are inserted into the 'session' table in the
database for an anonymous session.
"""
incookie = Cookie()
incookie['trac_session'] = '123456'
req = Mock(authname='anonymous', base_path='/', incookie=incookie,
outcookie=Cookie())
session = Session(self.env, req)
session['foo'] = 'bar'
session.save()
self.assertEqual('bar', self.env.db_query(
"SELECT value FROM session_attribute WHERE sid='123456'")[0][0])
def test_authenticated_session(self):
"""
Verifies that a session cookie does not get used if the user is logged
in, and that Trac expires the cookie.
"""
incookie = Cookie()
incookie['trac_session'] = '123456'
outcookie = Cookie()
req = Mock(authname='john', base_path='/', incookie=incookie,
outcookie=outcookie)
session = Session(self.env, req)
self.assertEqual('john', session.sid)
session['foo'] = 'bar'
session.save()
self.assertEquals(0, outcookie['trac_session']['expires'])
def test_session_promotion(self):
"""
Verifies that an existing anonymous session gets promoted to an
authenticated session when the user logs in.
"""
with self.env.db_transaction as db:
db("INSERT INTO session VALUES ('123456', 0, 0)")
incookie = Cookie()
incookie["trac_session"] = "123456"
outcookie = Cookie()
req = Mock(authname="john", base_path="/", incookie=incookie, outcookie=outcookie)
session = Session(self.env, req)
self.assertEqual("john", session.sid)
session.save()
self.assertEqual([("john", 1)], self.env.db_query("SELECT sid, authenticated FROM session"))
def _test_session_promotion(self, username):
"""
Verifies that an existing anonymous session gets promoted to an
authenticated session when the user logs in.
"""
with self.env.db_transaction as db:
db("INSERT INTO session VALUES ('123456', 0, 0)")
req = MockRequest(self.env, authname=username)
req.incookie['trac_session'] = '123456'
session = Session(self.env, req)
self.assertEqual(username, session.sid)
session.save()
self.assertEqual([(username, 1)],
self.env.db_query("""SELECT sid, authenticated FROM session
WHERE sid=%s""", (username,)))
def _test_new_session_promotion(self, username):
"""
Verifies that even without a preexisting anonymous session,
an authenticated session will be created when the user logs in.
(same test as above without the initial INSERT)
"""
with self.env.db_transaction:
req = MockRequest(self.env, authname=username)
req.incookie['trac_session'] = '123456'
session = Session(self.env, req)
self.assertEqual(username, session.sid)
session.save()
self.assertEqual([(username, 1)],
self.env.db_query("""SELECT sid, authenticated FROM session
WHERE sid=%s""", (username,)))
def test_delete_authenticated_session_var(self):
"""
Verify that modifying a variable updates the 'session' table accordingly
for an authenticated session.
"""
cursor = self.db.cursor()
cursor.execute("INSERT INTO session VALUES ('john', 1, 'foo', 'bar')")
req = Mock(authname='john', cgi_location='/', incookie=Cookie())
session = Session(self.env, req)
self.assertEqual('bar', session['foo'])
del session['foo']
session.save()
cursor.execute("SELECT COUNT(*) FROM session WHERE sid='john' AND "
"authenticated=1 AND var_name='foo'")
self.assertEqual(0, cursor.fetchone()[0])
def test_new_session_promotion(self):
"""
Verifies that even without a preexisting anonymous session,
an authenticated session will be created when the user logs in.
(same test as above without the initial INSERT)
"""
with self.env.db_transaction as db:
incookie = Cookie()
incookie["trac_session"] = "123456"
outcookie = Cookie()
req = Mock(authname="john", base_path="/", incookie=incookie, outcookie=outcookie)
session = Session(self.env, req)
self.assertEqual("john", session.sid)
session.save()
self.assertEqual([("john", 1)], self.env.db_query("SELECT sid, authenticated FROM session"))
def _get_session(self, req):
try:
return Session(self.env, req)
except TracError as e:
self.log.error("can't retrieve session: %s",
exception_to_unicode(e))
return FakeSession()
def test_change_anonymous_session(self):
"""
Verify that changing from one anonymous session to an inexisting
anonymous session creates the new session and doesn't carry over
variables from the previous session.
"""
with self.env.db_transaction as db:
db("INSERT INTO session VALUES ('123456', 0, 0)")
db(
"""
INSERT INTO session_attribute
VALUES ('123456', 0, 'foo', 'bar')
"""
)
incookie = Cookie()
incookie["trac_session"] = "123456"
req = Mock(authname="anonymous", base_path="/", incookie=incookie, outcookie=Cookie())
session = Session(self.env, req)
self.assertEqual({"foo": "bar"}, session)
session.get_session("7890")
session["baz"] = "moo"
session.save()
self.assertEqual({"baz": "moo"}, session)
with self.env.db_query as db:
self.assertEqual(
1,
db(
"""
SELECT COUNT(*) FROM session
WHERE sid='7890' AND authenticated=0
"""
)[0][0],
)
self.assertEqual(
[("baz", "moo")],
db(
"""
SELECT name, value FROM session_attribute
WHERE sid='7890' AND authenticated=0
"""
),
)
def test_new_session_promotion(self):
"""
Verifies that even without a preexisting anonymous session,
an authenticated session will be created when the user logs in.
(same test as above without the initial INSERT)
"""
with self.env.db_transaction as db:
incookie = Cookie()
incookie['trac_session'] = '123456'
outcookie = Cookie()
req = Mock(authname='john', base_path='/', incookie=incookie,
outcookie=outcookie)
session = Session(self.env, req)
self.assertEqual('john', session.sid)
session.save()
self.assertEqual([('john', 1)], self.env.db_query(
"SELECT sid, authenticated FROM session"))
def test_session_promotion(self):
"""
Verifies that an existing anonymous session gets promoted to an
authenticated session when the user logs in.
"""
with self.env.db_transaction as db:
db("INSERT INTO session VALUES ('123456', 0, 0)")
incookie = Cookie()
incookie['trac_session'] = '123456'
outcookie = Cookie()
req = Mock(authname='john', base_path='/', incookie=incookie,
outcookie=outcookie)
session = Session(self.env, req)
self.assertEqual('john', session.sid)
session.save()
self.assertEqual([('john', 1)], self.env.db_query(
"SELECT sid, authenticated FROM session"))
def test_modify_authenticated_session_var(self):
"""
Verify that modifying an existing variable updates the 'session' table
accordingly for an authenticated session.
"""
with self.env.db_transaction as db:
db("INSERT INTO session VALUES ('john', 1, 0)")
db("INSERT INTO session_attribute VALUES ('john',1,'foo','bar')")
req = Mock(authname='john', base_path='/', incookie=Cookie())
session = Session(self.env, req)
self.assertEqual('bar', session['foo'])
session['foo'] = 'baz'
session.save()
self.assertEqual('baz', self.env.db_query("""
SELECT value FROM session_attribute WHERE sid='john' AND name='foo'
""")[0][0])
def test_anonymous_session(self):
"""
Verify that session variables are stored in the database.
"""
req = MockRequest(self.env, authname='anonymous')
req.incookie['trac_session'] = '123456'
session = Session(self.env, req)
self.assertEqual('123456', session.sid)
self.assertNotIn('trac_session', req.outcookie)
def test_delete_authenticated_session_var(self):
"""
Verify that deleting a variable updates the 'session' table accordingly
for an authenticated session.
"""
cursor = self.db.cursor()
cursor.execute("INSERT INTO session VALUES ('john', 1, 0)")
cursor.execute("INSERT INTO session_attribute VALUES "
"('john', 1, 'foo', 'bar')")
req = Mock(authname='john', base_path='/', incookie=Cookie())
session = Session(self.env, req)
self.assertEqual('bar', session['foo'])
del session['foo']
session.save()
cursor.execute("SELECT COUNT(*) FROM session_attribute "
"WHERE sid='john' AND name='foo'")
self.assertEqual(0, cursor.fetchone()[0])
def test_add_anonymous_session_var(self):
"""
Verify that new variables are inserted into the 'session' table in the
database for an anonymous session.
"""
incookie = Cookie()
incookie['trac_session'] = '123456'
req = Mock(authname='anonymous',
base_path='/',
incookie=incookie,
outcookie=Cookie())
session = Session(self.env, req)
session['foo'] = 'bar'
session.save()
cursor = self.db.cursor()
cursor.execute(
"SELECT value FROM session_attribute WHERE sid='123456'")
self.assertEqual('bar', cursor.fetchone()[0])
def test_modify_authenticated_session_var(self):
"""
Verify that modifying an existing variable updates the 'session' table
accordingly for an authenticated session.
"""
cursor = self.db.cursor()
cursor.execute("INSERT INTO session VALUES ('john', 1, 0)")
cursor.execute("INSERT INTO session_attribute VALUES "
"('john', 1, 'foo', 'bar')")
req = Mock(authname='john', base_path='/', incookie=Cookie())
session = Session(self.env, req)
self.assertEqual('bar', session['foo'])
session['foo'] = 'baz'
session.save()
cursor.execute("SELECT value FROM session_attribute "
"WHERE sid='john' AND name='foo'")
self.assertEqual('baz', cursor.fetchone()[0])
def test_session_promotion(self):
"""
Verifies that an existing anonymous session gets promoted to an
authenticated session when the user logs in.
"""
cursor = self.db.cursor()
cursor.execute("INSERT INTO session VALUES ('123456', 0, 0)")
incookie = Cookie()
incookie['trac_session'] = '123456'
outcookie = Cookie()
req = Mock(authname='john', base_path='/', incookie=incookie,
outcookie=outcookie)
session = Session(self.env, req)
self.assertEqual('john', session.sid)
session.save()
cursor.execute("SELECT sid,authenticated FROM session")
self.assertEqual(('john', 1), cursor.fetchone())
self.assertEqual(None, cursor.fetchone())
def _get_session(self, req):
try:
return Session(self.env, req)
except TracError as e:
msg = "can't retrieve session: %s"
if isinstance(e, TracValueError):
self.log.warning(msg, e)
else:
self.log.error(msg, exception_to_unicode(e))
return FakeSession()
def test_modify_anonymous_session_var(self):
"""
Verify that modifying an existing variable updates the 'session' table
accordingly for an anonymous session.
"""
cursor = self.db.cursor()
cursor.execute("INSERT INTO session VALUES ('123456', 0, 0)")
cursor.execute("INSERT INTO session_attribute VALUES "
"('123456', 0, 'foo', 'bar')")
incookie = Cookie()
incookie['trac_session'] = '123456'
req = Mock(authname='anonymous', base_path='/', incookie=incookie,
outcookie=Cookie())
session = Session(self.env, req)
self.assertEqual('bar', session['foo'])
session['foo'] = 'baz'
session.save()
cursor.execute("SELECT value FROM session_attribute WHERE sid='123456'")
self.assertEqual('baz', cursor.fetchone()[0])
def test_new_session(self):
"""
Verify that a session cookie gets sent back to the client for a new
session.
"""
req = MockRequest(self.env, authname='anonymous')
session = Session(self.env, req)
self.assertEqual(session.sid, req.outcookie['trac_session'].value)
self.assertEqual(0, self.env.db_query(
"SELECT COUNT(*) FROM session")[0][0])
def test_delete_authenticated_session_var(self):
"""
Verify that deleting a variable updates the 'session' table accordingly
for an authenticated session.
"""
with self.env.db_transaction as db:
db("INSERT INTO session VALUES ('john', 1, 0)")
db("INSERT INTO session_attribute VALUES ('john', 1, 'foo', 'bar')")
req = MockRequest(self.env, authname='john')
session = Session(self.env, req)
self.assertEqual('bar', session['foo'])
del session['foo']
session.save()
self.assertEqual(0, self.env.db_query("""
SELECT COUNT(*) FROM session_attribute
WHERE sid='john' AND name='foo'
""")[0][0])
def test_modify_anonymous_session_var(self):
"""
Verify that modifying an existing variable updates the 'session' table
accordingly for an anonymous session.
"""
cursor = self.db.cursor()
cursor.execute("INSERT INTO session VALUES ('123456', 0, 'foo', 'bar')")
incookie = Cookie()
incookie['trac_session'] = '123456'
req = Mock(authname='anonymous', cgi_location='/', incookie=incookie,
outcookie=Cookie())
session = Session(self.env, req)
self.assertEqual('bar', session['foo'])
session['foo'] = 'baz'
session.save()
cursor.execute("SELECT var_value FROM session WHERE sid='123456' AND "
"authenticated=0 AND var_name='foo'")
self.assertEqual('baz', cursor.fetchone()[0])
def _test_session_promotion(self, username):
"""
Verifies that an existing anonymous session gets promoted to an
authenticated session when the user logs in.
"""
with self.env.db_transaction as db:
db("INSERT INTO session VALUES ('123456', 0, 0)")
incookie = Cookie()
incookie['trac_session'] = '123456'
outcookie = Cookie()
req = Mock(authname=username, base_path='/', incookie=incookie,
outcookie=outcookie)
session = Session(self.env, req)
self.assertEqual(username, session.sid)
session.save()
self.assertEqual([(username, 1)],
self.env.db_query("""SELECT sid, authenticated FROM session
WHERE sid=%s""", (username,)))
def _test_new_session_promotion(self, username):
"""
Verifies that even without a preexisting anonymous session,
an authenticated session will be created when the user logs in.
(same test as above without the initial INSERT)
"""
with self.env.db_transaction:
incookie = Cookie()
incookie['trac_session'] = '123456'
outcookie = Cookie()
req = Mock(authname=username, base_path='/', incookie=incookie,
outcookie=outcookie)
session = Session(self.env, req)
self.assertEqual(username, session.sid)
session.save()
self.assertEqual([(username, 1)],
self.env.db_query("""SELECT sid, authenticated FROM session
WHERE sid=%s""", (username,)))
def test_new_session_promotion(self):
"""
Verifies that even without a preexisting anonymous session,
an authenticated session will be created when the user logs in.
(same test as above without the initial INSERT)
"""
cursor = self.db.cursor()
incookie = Cookie()
incookie['trac_session'] = '123456'
outcookie = Cookie()
req = Mock(authname='john', base_path='/', incookie=incookie,
outcookie=outcookie)
session = Session(self.env, req)
self.assertEqual('john', session.sid)
session.save()
cursor.execute("SELECT sid,authenticated FROM session")
self.assertEqual(('john', 1), cursor.fetchone())
self.assertEqual(None, cursor.fetchone())
def test_modify_anonymous_session_var(self):
"""
Verify that modifying an existing variable updates the 'session' table
accordingly for an anonymous session.
"""
with self.env.db_transaction as db:
db("INSERT INTO session VALUES ('123456', 0, 0)")
db("""
INSERT INTO session_attribute VALUES
('123456', 0, 'foo', 'bar')
""")
incookie = Cookie()
incookie['trac_session'] = '123456'
req = Mock(authname='anonymous', base_path='/', incookie=incookie,
outcookie=Cookie())
session = Session(self.env, req)
self.assertEqual('bar', session['foo'])
session['foo'] = 'baz'
session.save()
self.assertEqual('baz', self.env.db_query(
"SELECT value FROM session_attribute WHERE sid='123456'")[0][0])
def test_delete_authenticated_session_var(self):
"""
Verify that deleting a variable updates the 'session' table accordingly
for an authenticated session.
"""
with self.env.db_transaction as db:
db("INSERT INTO session VALUES ('john', 1, 0)")
db("INSERT INTO session_attribute VALUES ('john', 1, 'foo', 'bar')")
req = Mock(authname="john", base_path="/", incookie=Cookie())
session = Session(self.env, req)
self.assertEqual("bar", session["foo"])
del session["foo"]
session.save()
self.assertEqual(
0,
self.env.db_query(
"""
SELECT COUNT(*) FROM session_attribute
WHERE sid='john' AND name='foo'
"""
)[0][0],
)
def test_session_change_id_with_invalid_sid(self):
cookie = Cookie()
req = Mock(incookie=Cookie(), outcookie=cookie, authname='anonymous',
base_path='/')
session = Session(self.env, req)
session.change_sid('0123456789')
self.assertEqual('0123456789', session.sid)
session.change_sid('abcxyz')
self.assertEqual('abcxyz', session.sid)
session.change_sid('abc123xyz')
self.assertEqual('abc123xyz', session.sid)
self.assertRaises(TracError, session.change_sid, 'abc 123 xyz')
self.assertRaises(TracError, session.change_sid, 'abc-123-xyz')
self.assertRaises(TracError, session.change_sid, 'abc<i>123</i>xyz')
self.assertRaises(TracError, session.change_sid, u'abc123xÿz')
self.assertRaises(TracError, session.change_sid,
u'abc¹₂³xyz') # Unicode digits
