def test_lot_authentication_middleware_with_session_data(self):
request = self.factory.get('/test_url/')
request.META['HTTP_X_AUTH_TOKEN'] = str(self.lot4.uuid)
SessionMiddleware().process_request(request)
LOTAuthenticationMiddleware().process_request(request)
self.assertEqual(request.session['data'], "test")
def _add_session(request):
"""Annotate the request object with a session"""
middleware = SessionMiddleware()
middleware.process_request(request)
request.session.save()
def setUp(self):
super(AccessTokenExchangeFormTest, self).setUp()
self.request = RequestFactory().post("dummy_url")
SessionMiddleware().process_request(self.request)
self.request.social_strategy = social_utils.load_strategy(
self.request, self.BACKEND)
def get_request(self, url='/'):
request = self.request_factory.get('/')
middleware = SessionMiddleware()
middleware.process_request(request)
request.session.save()
return request
from django.contrib.sessions.middleware import SessionMiddleware
from django.test.client import RequestFactory
from django.test.utils import override_settings
from mock import patch
from nose.tools import eq_, ok_
from affiliates.facebook.auth import login
from affiliates.facebook.models import FacebookUser
from affiliates.facebook.tests import FacebookUserFactory
from affiliates.base.tests import aware_datetime, TestCase, refresh_model
session_middleware = SessionMiddleware()
@patch.object(FacebookUser.objects, 'update_user_info')
class LoginTests(TestCase):
def setUp(self):
self.factory = RequestFactory()
def request(self, url='/'):
"""
Create a mock request object.
"""
request = self.factory.get(url)
session_middleware.process_request(request)
return request
def test_flush_session(self, update_user_info):
"""
def add_session_to_request(self, request):
middleware = SessionMiddleware()
middleware.process_request(request)
request.session.save()
def test_message(self):
""" Testing message api calls as staff """
test3 = User.objects.get(username='******')
self.assertIsNotNone(test3)
print('\nLogging in as staff')
factory = APIRequestFactory()
data = {"username": "******", "password": "******"}
request = factory.post('/login/', data)
middleware = SessionMiddleware()
middleware.process_request(request)
request.session.save()
view = JWTLogin.as_view()
response = view(request)
self.assertEqual(response.status_code, 200)
self.assertIsNotNone(response.content)
content = json.loads(response.content.decode())
if 'token' in content and content['token']:
token = content['token']
else:
token = None
self.assertIsNotNone(token)
print('Staff makes a protected call creating a message')
data = {
"user": test3.id,
"message": "this is a message just for test3"
}
request = factory.post('/bus/messages/',
data,
HTTP_AUTHORIZATION='Bearer {}'.format(token))
view = Messages.as_view()
response = view(request)
self.assertEqual(response.status_code, 201)
self.assertIsNotNone(response.content)
content = json.loads(response.content.decode())
if 'data' in content and 'id' in content['data']:
mid = content['data']['id']
else:
mid = None
self.assertIsNotNone(response.content)
self.assertIsNotNone(mid)
print('Staff makes a protected call modifying a message')
data = {"message": "changing the message for test3"}
request = factory.post('/bus/messages/',
data,
HTTP_AUTHORIZATION='Bearer {}'.format(token))
response = view(request, mid)
self.assertEqual(response.status_code, 200)
self.assertIsNotNone(response.content)
content = json.loads(response.content.decode())
if 'data' in content and 'message' in content['data']:
mess = content['data']['message']
else:
mess = ''
self.assertEqual(mess, "changing the message for test3")
print('Staff makes a protected call deleting a message')
request = factory.delete('/bus/messages/',
HTTP_AUTHORIZATION='Bearer {}'.format(token))
response = view(request, mid)
self.assertEqual(response.status_code, 200)
# http://www.gnu.org/licenses/agpl-3.0.html.
from urlparse import urlparse, parse_qs
from django.contrib.auth.models import AnonymousUser
from django.contrib.sessions.middleware import SessionMiddleware
from django.core.management.base import BaseCommand
from django.core.urlresolvers import resolve
from django.test import RequestFactory
from auth.models import CustomUser as User
from localeurl.utils import strip_path
from auth.middleware import AmaraAuthenticationMiddleware
middleware_to_apply = [
SessionMiddleware(),
AmaraAuthenticationMiddleware(),
]
class Command(BaseCommand):
help = u'Run a test request'
def handle(self, *args, **kwargs):
try:
url = args[0]
except IndexError:
self.stderr.write("manage testrequest url [username]\n")
return
try:
username = args[1]
def _update_session(request, **params):
middleware = SessionMiddleware()
middleware.process_request(request)
request.session.update(params)
request.session.save()
def setup_request(request):
session_mw = SessionMiddleware()
session_mw.process_request(request)
request.user = AnonymousUser()
def _apply_middlewares(self, request):
"""Applies needed middlewares."""
SessionMiddleware().process_request(request)
MessageMiddleware().process_request(request)
request.session.save()
return request
def setUp(self):
self.factory = RequestFactory()
self.session_middleware = SessionMiddleware()
def test_datagroup_create(self):
long_fn = "a filename that is too long " * 10
csv_string = (
"filename,title,document_type,url,organization\n"
"0bf5755e-3a08-4024-9d2f-0ea155a9bd17.pdf,NUTRA NAIL,MS,, \n"
f"{long_fn},Body Cream,MS,, \n")
data = io.StringIO(csv_string)
sample_csv = InMemoryUploadedFile(
data,
field_name="csv",
name="register_records.csv",
content_type="text/csv",
size=len(csv_string),
charset="utf-8",
)
form_data = {
"name": ["Walmart MSDS Test Group"],
"description": ["test data group"],
"group_type": ["2"],
"downloaded_by": [str(User.objects.get(username="******").pk)],
"downloaded_at": ["08/02/2018"],
"download_script": ["1"],
"data_source": ["10"],
}
request = self.factory.post(path="/datagroup/new/", data=form_data)
request.FILES["csv"] = sample_csv
request.user = User.objects.get(username="******")
middleware = SessionMiddleware()
middleware.process_request(request)
request.session.save()
middleware = MessageMiddleware()
middleware.process_request(request)
request.session.save()
request.session = {}
request.session["datasource_title"] = "Walmart"
request.session["datasource_pk"] = 10
resp = views.data_group_create(request=request, pk=10)
dg_exists = DataGroup.objects.filter(
name="Walmart MSDS Test Group").exists()
self.assertContains(
resp, "filename: Ensure this value has at most 255 characters")
self.assertFalse(dg_exists)
csv_string = (
"filename,title,document_type,url,organization\n"
"0bf5755e-3a08-4024-9d2f-0ea155a9bd17.pdf,NUTRA NAIL,MS,, \n"
"0c68ab16-2065-4d9b-a8f2-e428eb192465.pdf,Body Cream,MS,, \n")
data = io.StringIO(csv_string)
sample_csv = InMemoryUploadedFile(
data,
field_name="csv",
name="register_records.csv",
content_type="text/csv",
size=len(csv_string),
charset="utf-8",
)
request = self.factory.post(path="/datagroup/new", data=form_data)
request.FILES["csv"] = sample_csv
middleware = SessionMiddleware()
middleware.process_request(request)
request.session.save()
middleware = MessageMiddleware()
middleware.process_request(request)
request.session.save()
request.user = User.objects.get(username="******")
request.session = {}
request.session["datasource_title"] = "Walmart"
request.session["datasource_pk"] = 10
resp = views.data_group_create(request=request, pk=10)
self.assertEqual(resp.status_code, 302, "Should be redirecting")
dg = DataGroup.objects.get(name="Walmart MSDS Test Group")
self.assertEqual(f"/datagroup/{dg.pk}/", resp.url,
"Should be redirecting to the proper URL")
# test whether the file system folder was created
self.assertIn(
str(dg.fs_id),
os.listdir(settings.MEDIA_ROOT),
"The data group's UUID should be a folder in MEDIA_ROOT",
)
# In the Data Group Detail Page
resp = self.client.get(f"/datagroup/{dg.pk}/")
# test whether the data documents were created
docs = DataDocument.objects.filter(data_group=dg)
self.assertEqual(len(docs), 2,
"there should be two associated documents")
# test whether the "Download Registered Records" link is like this example
# <a href="/datagroup/a9c7f5a7-5ad4-4f75-b877-a3747f0cc081/download_registered_documents" class="btn btn-secondary">
csv_href = f"/datagroup/{dg.pk}/download_registered_documents/"
self.assertIn(
csv_href,
str(resp._container),
"The data group detail page must contain the right download link",
)
# grab a filename from a data document and see if it's in the csv
doc_fn = docs.first().filename
# test whether the registered records csv download link works
resp_rr_csv = self.client.get(
csv_href) # this object should be of type StreamingHttpResponse
docfound = "not found"
for csv_row in resp_rr_csv.streaming_content:
if doc_fn in str(csv_row):
docfound = "found"
self.assertEqual(
docfound,
"found",
"the document file name should appear in the registered records csv",
)
# Test whether the data document csv download works
# URL on data group detail page: datagroup/docs_csv/{pk}/
dd_csv_href = (f"/datagroup/{dg.pk}/download_documents/"
) # this is an interpreted django URL
resp_dd_csv = self.client.get(dd_csv_href)
for csv_row in resp_dd_csv.streaming_content:
if doc_fn in str(csv_row):
docfound = "found"
self.assertEqual(
docfound,
"found",
"the document file name should appear in the data documents csv",
)
# test uploading one pdf that matches a registered record
doc = DataDocument.objects.filter(data_group_id=dg.pk).first()
pdf = TemporaryUploadedFile(name=doc.filename,
content_type="application/pdf",
size=47,
charset=None)
request = self.factory.post(path="/datagroup/%s" % dg.pk,
data={"uploaddocs-submit": "Submit"})
request.FILES["uploaddocs-documents"] = pdf
middleware = SessionMiddleware()
middleware.process_request(request)
request.session.save()
middleware = MessageMiddleware()
middleware.process_request(request)
request.session.save()
request.user = User.objects.get(username="******")
resp = views.data_group_detail(request=request, pk=dg.pk)
pdf_path = f"{settings.MEDIA_ROOT}{dg.fs_id}/pdf/{doc.get_abstract_filename()}"
self.assertTrue(os.path.exists(pdf_path),
"the stored file should be in MEDIA_ROOT/dg.fs_id")
pdf.close()
def process_request_auth_middleware(self, request):
SessionMiddleware().process_request(request)
AuthenticationMiddleware().process_request(request)
def setUp(self):
self.factory = RequestFactory()
self.request = self.factory.get('/blog_admin/know_opt')
middleware = SessionMiddleware()
middleware.process_request(self.request)
self.request.session.save()
def setUp(self):
self.factory = RequestFactory()
self.session_middleware = SessionMiddleware()
self.auth_middleware = AuthenticationMiddleware()
def add_session_to_request(self):
middleware = SessionMiddleware()
middleware.process_request(self.request)
self.request.session.save()
# Trigger saving the session
self.request.session['foo'] = 'foo'
def setUp(self):
self.request_factory = RequestFactory()
self.smw = SessionMiddleware()
self.amw = AuthenticationMiddleware()
self.rmw = RemoteUserMiddleware()
self.srmw = middleware.ShibbolethRemoteUserMiddleware()
class ABAssignmentTest(TestCase):
'''
Test cases for assigning variants to request made.
'''
request_factory = RequestFactory()
request = request_factory.get('/')
middleware = SessionMiddleware()
middleware.process_request(request)
request.session.save()
campaign = None
variant_vals = {}
def setUp(self):
self.campaign, created = Campaign.objects.get_or_create(
name="Test Homepage", description="Testing Homepage designs")
for code in ['A', 'B', 'C']:
variant, created = Variant.objects.get_or_create(
campaign=self.campaign,
code=code,
name=f'Homepage Design {code}',
html_template=f'abtest/homepage_{code}.html')
self.variant_vals = self.campaign.variants.all().values(
'code',
"impressions",
'conversions',
'conversion_rate',
'html_template',
)
def test_ab_assign_session(self):
# Test to check if session variable is added to WSGI requests object
selected_variant = ab_assign(
self.request,
self.campaign,
default_template='/abtest/homepage.html',
)
self.assertTrue(self.request.session.get(str(self.campaign.code)))
def test_ab_assign_epsilon_greedy(self):
# Test assign with epsilon greedy algorithm
selected_variant = ab_assign(
self.request,
self.campaign,
algo='egreedy',
default_template='/abtest/homepage.html',
)
self.assertTrue(selected_variant in list(self.variant_vals))
def test_ab_assign_thompson(self):
# Test assign with epsilon thompson sampling algorithm
selected_variant = ab_assign(
self.request,
self.campaign,
algo='thompson',
default_template='/abtest/homepage.html',
)
self.assertTrue(selected_variant in list(self.variant_vals))
def test_ab_assign_ucb1(self):
# Test assign with ucb1 algorithm
selected_variant = ab_assign(
self.request,
self.campaign,
algo='UCB1',
default_template='/abtest/homepage.html',
)
self.assertTrue(selected_variant in list(self.variant_vals))
def test_ab_assign_uniform(self):
# Test assign with uniform random sampling algorithm
selected_variant = ab_assign(
self.request,
self.campaign,
algo='uniform',
default_template='/abtest/homepage.html',
)
self.assertTrue(selected_variant in list(self.variant_vals))
def setUp(self):
self.request = HttpRequest()
SessionMiddleware().process_request(self.request)
# We have to save the session to cause a session key to be generated.
self.request.session.save()
def test_jwt_auth_staff(self):
""" test staff login and access accessing protected view with other's token """
print('Get test1 token')
factory = APIRequestFactory()
data = {"username": "******", "password": "******"}
request = factory.post('/login/', data)
# have to manually add the session for login to work
middleware = SessionMiddleware()
middleware.process_request(request)
request.session.save()
view = JWTLogin.as_view()
response = view(request)
self.assertEqual(response.status_code, 200)
self.assertIsNotNone(response.content)
content = json.loads(response.content.decode())
if 'token' in content and content['token']:
t1tok = content['token']
else:
t1tok = None
self.assertIsNotNone(t1tok)
print('\nLogging in as staff')
factory = APIRequestFactory()
data = {"username": "******", "password": "******"}
request = factory.post('/login/', data)
middleware.process_request(request)
request.session.save()
view = JWTLogin.as_view()
response = view(request)
self.assertEqual(response.status_code, 200)
self.assertIsNotNone(response.content)
content = json.loads(response.content.decode())
if 'token' in content and content['token']:
token = content['token']
else:
token = None
print('Staff makes a protected call for messages for themselves')
request = factory.get('/bus/messages/',
HTTP_AUTHORIZATION='Bearer {}'.format(token),
content_type='application/json')
view = Messages.as_view()
response = view(request)
self.assertEqual(response.status_code, 200)
self.assertIsNotNone(response.content)
content = str(response.content)
# should contain only the message for staff
self.assertTrue(bool(content.find('staff') > -1))
self.assertEqual(content.find('test'), -1)
print('Staff makes a protected call for messages with test1 token')
request = factory.get('/bus/messages/?token=' + t1tok,
HTTP_AUTHORIZATION='Bearer {}'.format(token),
content_type='application/json')
view = Messages.as_view()
response = view(request)
self.assertEqual(response.status_code, 200)
self.assertIsNotNone(response.content)
content = str(response.content)
# should contain only the message for test1, not for staff
self.assertTrue(bool(content.find('test1') > -1))
self.assertEqual(content.find('staff'), -1)
def setUp(self):
super(FacebookCanvasMiddlewareTest, self).setUp()
self.factory = RequestFactory()
self.middleware = FacebookCanvasMiddleWare()
self.session_middleware = SessionMiddleware()
def test_enrollment_limit_by_domain(self):
"""
Tests that the enrollmentDomain setting is properly limiting enrollment to those who have
the proper external auth
"""
# create 2 course, one with limited enrollment one without
shib_course = CourseFactory.create(
org='Stanford',
number='123',
display_name='Shib Only',
enrollment_domain='shib:https://idp.stanford.edu/',
user_id=self.test_user_id,
)
open_enroll_course = CourseFactory.create(
org='MITx',
number='999',
display_name='Robot Super Course',
enrollment_domain='',
user_id=self.test_user_id,
)
# create 3 kinds of students, external_auth matching shib_course, external_auth not matching, no external auth
shib_student = UserFactory.create()
shib_student.save()
extauth = ExternalAuthMap(
external_id='*****@*****.**',
external_email='',
external_domain='shib:https://idp.stanford.edu/',
external_credentials="",
user=shib_student)
extauth.save()
other_ext_student = UserFactory.create()
other_ext_student.username = "******"
other_ext_student.email = "*****@*****.**"
other_ext_student.save()
extauth = ExternalAuthMap(external_id='*****@*****.**',
external_email='',
external_domain='shib:https://other.edu/',
external_credentials="",
user=other_ext_student)
extauth.save()
int_student = UserFactory.create()
int_student.username = "******"
int_student.email = "*****@*****.**"
int_student.save()
# Tests the two case for courses, limited and not
for course in [shib_course, open_enroll_course]:
for student in [shib_student, other_ext_student, int_student]:
request = self.request_factory.post('/change_enrollment')
# Add a session to the request
SessionMiddleware().process_request(request)
request.session.save()
request.POST.update({
'enrollment_action':
'enroll',
'course_id':
course.id.to_deprecated_string()
})
request.user = student
response = change_enrollment(request)
# If course is not limited or student has correct shib extauth then enrollment should be allowed
if course is open_enroll_course or student is shib_student:
self.assertEqual(response.status_code, 200)
self.assertTrue(
CourseEnrollment.is_enrolled(student, course.id))
# Clean up
CourseEnrollment.unenroll(student, course.id)
else:
self.assertEqual(response.status_code, 400)
self.assertFalse(
CourseEnrollment.is_enrolled(student, course.id))
def setUp(self) -> None:
self.view = add_to_basket
# request factory
self.factory = RequestFactory()
self.middleware = SessionMiddleware()
# get Group created
Group.objects.create(name='managers')
# get user created
User = get_user_model()
self.test_user = User.objects.create_user(username='******',
email='*****@*****.**',
password='******')
self.test_user.first_name = 'testfirstname'
self.test_user.last_name = 'testlastname'
self.test_user.save()
# add user to managers
self.managers_grp = Group.objects.get(name='managers')
self.managers_grp.user_set.add(self.test_user)
self.managers_grp.save()
# login
self.client.post(reverse('account_login'), {
'login': '******',
'password': '******'
},
follow=False)
# create game object
self.game = Game.objects.create(name='TestGame',
price=10.99,
description='Test Game description',
quantity_available=100)
self.game_for_cart = Game.objects.create(
name='TestGameExtra',
price=10,
description='Test Game description',
quantity_available=1)
# create some additional games
g1 = Game.objects.create(name='test1',
description='test1',
quantity_available=11,
price=20)
g2 = Game.objects.create(name='test2',
description='test2',
quantity_available=10,
price=10)
# create ORDER
self.order = Order.objects.create(customer=self.test_user,
total=20.99,
ordered=False)
# create order item
self.order_item = OrderItem.objects.create(user=self.test_user,
item=g1,
quantity=1)
self.order_item_extra = OrderItem.objects.create(user=self.test_user,
item=g2,
quantity=5)
self.order_item_for_cart = OrderItem.objects.create(
user=self.test_user, item=self.game_for_cart, quantity=1)
# add item to order
self.order.items.add(self.order_item)
self.order.items.add(self.order_item_extra)
self.order.items.add(self.order_item_for_cart)
def setUp(self):
request = RequestFactory().get('/')
SessionMiddleware().process_request(request)
self.session_data = CheckoutSessionData(request)
def setUp(self):
self.request = HttpRequest()
SessionMiddleware().process_request(self.request)
def add_session_to_request(request):
"""Use SessionMiddleware to add a session to the request."""
"""Annotate a request object with a session"""
middleware = SessionMiddleware()
middleware.process_request(request)
request.session.save()
def request_with_middleware(rf):
request = rf.get("/")
SessionMiddleware(get_response=dummy_get_response).process_request(request)
MessageMiddleware(get_response=dummy_get_response).process_request(request)
return request
def process_request(request):
middleware = SessionMiddleware()
middleware.process_request(request)
request.session.save()
def create_request_session(request, use_sso=False):
SessionMiddleware().process_request(request)
request.session.save()
if use_sso:
request.session['samlSessionIndex'] = '_7c84c96e-8774-4e64-893c-06f91d285100'