def test_success(self):
username = "******"
# mock the response, return token
expected_token = generate_tokens()
expected_user_data = {"pk": 1, "first_name": "My First Name", "last_name": "My last name"}
responses.add(
responses.POST,
urljoin(settings.API_URL, "oauth2/token"),
body=json.dumps(expected_token),
status=200,
content_type="application/json",
)
responses.add(
responses.GET,
urljoin(settings.API_URL, "users/", username),
body=json.dumps(expected_user_data),
status=200,
content_type="application/json",
)
# authenticate, should return authentication data
data = api_client.authenticate(username, "my-password")
self.assertEqual(data["pk"], expected_user_data.get("pk"))
self.assertDictEqual(data["token"], expected_token)
self.assertDictEqual(data["user_data"], expected_user_data)
def _default_login_data(self):
user_pk = 100
credentials = {'username': '******', 'password': '******'}
token = generate_tokens()
permissions = [
'credit.view_credit', 'credit.lock_credit', 'credit.unlock_credit',
'credit.patch_credited_credit'
]
user_data = {
'first_name':
'My First Name',
'last_name':
'My Last Name',
'email':
'*****@*****.**' % credentials['username'],
'username':
credentials['username'],
'permissions':
permissions,
'roles': ['prison-clerk'],
'prisons': [{
'nomis_id': 'BXI',
'name': 'HMP Brixton',
'pre_approval_required': False
}],
'flags': [READ_ML_BRIEFING_FLAG],
}
return {
'user_pk': user_pk,
'token': token,
'credentials': credentials,
'user_data': user_data,
}
def test_base_api_url_allows_trailing_slash(self):
actual_api_url = settings.API_URL
# set API_URL and then reload the client to generate
# a new REQUEST_TOKEN_URL
settings.API_URL = actual_api_url + "/"
reload(api_client)
username = "******"
# mock the response, return token
expected_token = generate_tokens()
expected_user_data = {"pk": 1, "first_name": "My First Name", "last_name": "My last name"}
responses.add(
responses.POST,
urljoin(actual_api_url, "oauth2/token/"),
body=json.dumps(expected_token),
status=200,
content_type="application/json",
)
responses.add(
responses.GET,
urljoin(actual_api_url, "users/", username),
body=json.dumps(expected_user_data),
status=200,
content_type="application/json",
)
# authenticate, should complete without error
api_client.authenticate(username, "my-password")
# revert changes
settings.API_URL = actual_api_url
reload(api_client)
def test_success(self, mocked_api_client):
"""
Successful authentication.
"""
user_pk = 100
credentials = {'username': '******', 'password': '******'}
token = generate_tokens()
user_data = {
'first_name': 'My First Name',
'last_name': 'My Last Name',
'username': credentials['username'],
}
mocked_api_client.authenticate.return_value = {
'pk': user_pk,
'token': token,
'user_data': user_data
}
# login
response = self.client.post(self.login_url, data=credentials)
self.assertEqual(response.status_code, 302)
self.assertEqual(self.client.session[SESSION_KEY], user_pk)
self.assertEqual(self.client.session[BACKEND_SESSION_KEY],
settings.AUTHENTICATION_BACKENDS[0])
self.assertDictEqual(self.client.session[AUTH_TOKEN_SESSION_KEY],
token)
self.assertDictEqual(self.client.session[USER_DATA_SESSION_KEY],
user_data)
def _default_login_data(self):
user_pk = 100
credentials = {
'username': '******',
'password': '******'
}
token = generate_tokens()
permissions = ['credit.view_credit',
'credit.lock_credit', 'credit.unlock_credit',
'credit.patch_credited_credit']
user_data = {
'first_name': 'My First Name',
'last_name': 'My Last Name',
'email': '*****@*****.**' % credentials['username'],
'username': credentials['username'],
'permissions': permissions,
'roles': ['prison-clerk'],
'prisons': [{
'nomis_id': 'BXI',
'name': 'HMP Brixton',
'pre_approval_required': False
}],
}
return {
'user_pk': user_pk,
'token': token,
'credentials': credentials,
'user_data': user_data,
}
def test_success(self):
username = '******'
# mock the response, return token
expected_token = generate_tokens()
expected_user_data = {
'pk': 1,
'first_name': 'My First Name',
'last_name': 'My last name',
}
responses.add(
responses.POST,
urljoin(settings.API_URL, 'oauth2/token'),
body=json.dumps(expected_token),
status=200,
content_type='application/json'
)
responses.add(
responses.GET,
urljoin(settings.API_URL, 'users/', username),
body=json.dumps(expected_user_data),
status=200,
content_type='application/json'
)
# authenticate, should return authentication data
data = api_client.authenticate(username, 'my-password')
self.assertEqual(data['pk'], expected_user_data.get('pk'))
self.assertDictEqual(data['token'], expected_token)
self.assertDictEqual(data['user_data'], expected_user_data)
def login(self, mocked_api_client):
user_pk = 100
credentials = {
'username': '******',
'password': '******',
}
token = generate_tokens()
user_data = {
'first_name': 'My First Name',
'last_name': 'My Last Name',
'username': credentials['username'],
}
mocked_api_client.authenticate.return_value = {
'pk': user_pk,
'token': token,
'user_data': user_data,
}
# login
response = self.client.post(self.login_url,
data=credentials,
follow=True)
self.assertEqual(response.status_code, 200)
return token
def setUp(self, *args, **kwargs):
super(UserPermissionsTestCase, self).setUp(*args, **kwargs)
self.user = MojUser(5, generate_tokens(), {
'first_name': 'Sam',
'last_name': 'Hall',
'permissions': [
'allowed_permission_1',
'allowed_permission_2',
'allowed_permission_3'
]
})
def test_no_permissions_fails_gracefully(self):
user = MojUser(6, generate_tokens(), {
'first_name': 'Sam',
'last_name': 'Halle',
})
user.get_all_permissions()
self.assertFalse(user.has_perm('forbidden_permission'))
self.assertFalse(user.has_perms([
'allowed_permission_1',
'forbidden_permission'
]))
def test_token_refreshed_automatically(self):
"""
Test that if I call the /test/ endpoint with an
expired access token, the module should automatically:
- request a new access token
- update request.user.token to the new token
- finally request /test/ with the new valid token
"""
def build_expires_at(dt):
return (
dt - datetime.datetime(1970, 1, 1)
).total_seconds()
# dates
now = datetime.datetime.now()
one_day_delta = datetime.timedelta(days=1)
expired_yesterday = build_expires_at(now - one_day_delta)
expires_tomorrow = build_expires_at(now + one_day_delta)
# set access_token.expires_at to yesterday
self.request.user.token['expires_at'] = expired_yesterday
expired_token = self.request.user.token
# mock the refresh token endpoint, return a new token
new_token = generate_tokens(expires_at=expires_tomorrow)
responses.add(
responses.POST,
api_client.get_request_token_url(),
body=json.dumps(new_token),
status=200,
content_type='application/json'
)
# mock the /test/ endpoint, return valid body
expected_response = {'success': True}
responses.add(
responses.GET,
self.test_endpoint,
body=json.dumps(expected_response),
status=200,
content_type='application/json'
)
result = self._test_success()
self.assertDictEqual(result, expected_response)
self.assertDictEqual(self.request.user.token, new_token)
self.assertNotEqual(
expired_token['access_token'],
new_token['access_token']
)
def setUp(self):
"""
Sets up a request mock object with
request.user.token == generated token.
It also defines the {base_url}/test/ endpoint which will be
used by all the test methods.
"""
super(GetConnectionTestCase, self).setUp()
self.request = mock.MagicMock(user=mock.MagicMock(token=generate_tokens()))
self.test_endpoint = urljoin(settings.API_URL, "test")
def test_token_refreshed_automatically(self):
"""
Test that if I call the /test/ endpoint with an
expired access token, the module should automatically:
- request a new access token
- update request.user.token to the new token
- finally request /test/ with the new valid token
"""
def build_expires_at(dt):
return (dt - datetime.datetime(1970, 1, 1)).total_seconds()
# dates
now = datetime.datetime.now()
one_day_delta = datetime.timedelta(days=1)
expired_yesterday = build_expires_at(now - one_day_delta)
expires_tomorrow = build_expires_at(now + one_day_delta)
# set access_token.expires_at to yesterday
self.request.user.token["expires_at"] = expired_yesterday
expired_token = self.request.user.token
# mock the refresh token endpoint, return a new token
new_token = generate_tokens(expires_at=expires_tomorrow)
responses.add(
responses.POST,
api_client.REQUEST_TOKEN_URL,
body=json.dumps(new_token),
status=200,
content_type="application/json",
)
# mock the /test/ endpoint, return valid body
expected_response = {"success": True}
responses.add(
responses.GET,
self.test_endpoint,
body=json.dumps(expected_response),
status=200,
content_type="application/json",
)
# test
conn = api_client.get_connection(self.request)
result = conn.test.get()
self.assertDictEqual(result, expected_response)
self.assertDictEqual(self.request.user.token, new_token)
self.assertNotEqual(expired_token["access_token"], new_token["access_token"])
def setUp(self):
"""
Sets up a request mock object with
request.user.token == generated token.
It also defines the {base_url}/test/ endpoint which will be
used by all the test methods.
"""
super(GetConnectionTestCase, self).setUp()
self.request = mock.MagicMock(
user=mock.MagicMock(
token=generate_tokens()
)
)
self.test_endpoint = urljoin(settings.API_URL, 'test')
def login(self, mock_api_client):
mock_api_client.authenticate.return_value = {
'pk': 5,
'token': generate_tokens(),
'user_data': {
'first_name': 'Sam',
'last_name': 'Hall',
'username': '******',
'permissions': ['transaction.view_bank_details_transaction']
}
}
response = self.client.post(
reverse('login'),
data={'username': '******', 'password': '******'},
follow=False
)
self.assertEqual(response.status_code, 302)
def login(self, mock_api_client):
mock_api_client.authenticate.return_value = {
'pk': 5,
'token': generate_tokens(),
'user_data': {
'first_name': 'Sam',
'last_name': 'Hall',
'username': '******',
'applications': ['noms-ops'],
'permissions': required_permissions,
}
}
response = self.client.post(
reverse('login'),
data={'username': '******', 'password': '******'},
follow=True
)
self.assertEqual(response.status_code, 200)
return mock_api_client.authenticate.return_value
def login(self, mock_api_client):
mock_api_client.authenticate.return_value = {
'pk': 5,
'token': generate_tokens(),
'user_data': {
'first_name': 'Sam',
'last_name': 'Hall',
'username': '******',
'applications': ['bank-admin'],
'permissions': ['transaction.view_bank_details_transaction']
}
}
response = self.client.post(
reverse('login'),
data={'username': '******', 'password': '******'},
follow=True
)
self.assertEqual(response.status_code, 200)
def test_cannot_see_refund_download_without_perm(self, mock_api_client):
mock_api_client.authenticate.return_value = {
'pk': 5,
'token': generate_tokens(),
'user_data': {
'first_name': 'Sam',
'last_name': 'Hall',
'username': '******',
'permissions': []
}
}
response = self.client.post(
reverse('login'),
data={'username': '******', 'password': '******'},
follow=True
)
self.assertEqual(response.status_code, 200)
self.assertNotContains(response, reverse('bank_admin:download_refund_file'))
def test_success(self, mocked_api_client):
"""
Successful authentication.
"""
user_pk = 100
credentials = {
'username': '******',
'password': '******'
}
token = generate_tokens()
user_data = {
'first_name': 'My First Name',
'last_name': 'My Last Name',
'username': credentials['username'],
}
mocked_api_client.authenticate.return_value = {
'pk': user_pk,
'token': token,
'user_data': user_data
}
# login
response = self.client.post(
self.login_url, data=credentials
)
self.assertEqual(response.status_code, 302)
self.assertEqual(
self.client.session[SESSION_KEY], user_pk
)
self.assertEqual(
self.client.session[BACKEND_SESSION_KEY],
settings.AUTHENTICATION_BACKENDS[0]
)
self.assertDictEqual(
self.client.session[AUTH_TOKEN_SESSION_KEY], token
)
self.assertDictEqual(
self.client.session[USER_DATA_SESSION_KEY], user_data
)
def test_cannot_see_refund_download_without_perm(self, mock_api_client):
mock_api_client.authenticate.return_value = {
'pk': 5,
'token': generate_tokens(),
'user_data': {
'first_name': 'Sam',
'last_name': 'Hall',
'username': '******',
'applications': ['bank-admin'],
'permissions': []
}
}
response = self.client.post(
reverse('login'),
data={'username': '******', 'password': '******'},
follow=True
)
self.assertEqual(response.status_code, 200)
self.assertNotContains(response, reverse('bank_admin:download_refund_file'))
def test_base_api_url_allows_trailing_slash(self):
actual_api_url = settings.API_URL
# set API_URL and then reload the client to generate
# a new REQUEST_TOKEN_URL
settings.API_URL = actual_api_url + '/'
reload(api_client)
username = '******'
# mock the response, return token
expected_token = generate_tokens()
expected_user_data = {
'pk': 1,
'first_name': 'My First Name',
'last_name': 'My last name',
}
responses.add(
responses.POST,
urljoin(actual_api_url, 'oauth2/token/'),
body=json.dumps(expected_token),
status=200,
content_type='application/json'
)
responses.add(
responses.GET,
urljoin(actual_api_url, 'users/', username),
body=json.dumps(expected_user_data),
status=200,
content_type='application/json'
)
# authenticate, should complete without error
api_client.authenticate(username, 'my-password')
# revert changes
settings.API_URL = actual_api_url
reload(api_client)
def test_refund_download_hidden_even_with_perm(self, mock_api_client):
mock_api_client.authenticate.return_value = {
'pk': 5,
'token': generate_tokens(),
'user_data': {
'first_name': 'Sam',
'last_name': 'Hall',
'username': '******',
'permissions': ['transaction.view_bank_details_transaction']
}
}
mock_missing_download_check()
response = self.client.post(
reverse('login'),
data={'username': '******', 'password': '******'},
follow=True
)
self.assertEqual(response.status_code, 200)
self.assertNotContains(response, reverse('bank_admin:download_refund_file'))
self.assertContains(response, 'There are no refunds to process through Access Pay')
def mocked_login(self, **user_data_updates):
with mock.patch('django.contrib.auth.login') as mock_login, \
mock.patch('mtp_common.auth.backends.api_client') as mock_api_client:
mock_login.side_effect = lambda request, user, *args: login(request, user)
user_data = {
'username': '******',
'first_name': 'Test',
'last_name': 'User',
'email': '*****@*****.**',
'permissions': [
'auth.add_user', 'auth.change_user', 'auth.delete_user',
],
'prisons': [{'nomis_id': 'AAI', 'name': 'Prison 1', 'pre_approval_required': False}],
'roles': ['prison-clerk'],
}
user_data.update(user_data_updates)
mock_api_client.authenticate.return_value = {
'pk': 1,
'token': generate_tokens(),
'user_data': user_data,
}
self.assertTrue(self.client.login(username='******',
password='******'))
def login(self, mocked_api_client):
user_pk = 100
credentials = {
'username': '******',
'password': '******',
}
token = generate_tokens()
user_data = {
'first_name': 'My First Name',
'last_name': 'My Last Name',
'username': credentials['username'],
}
mocked_api_client.authenticate.return_value = {
'pk': user_pk,
'token': token,
'user_data': user_data,
}
# login
response = self.client.post(self.login_url, data=credentials,
follow=True)
self.assertEqual(response.status_code, 200)
return token
def login(self, mock_api_client):
mock_api_client.authenticate.return_value = {
'pk': 5,
'token': generate_tokens(),
'user_data': {
'first_name': 'Sam',
'last_name': 'Hall',
'username': '******',
'email': '*****@*****.**',
'permissions': required_permissions,
'prisons': [],
'flags': [],
'roles': ['prisoner-location-upload']
}
}
response = self.client.post(reverse('login'),
data={
'username': '******',
'password': '******'
},
follow=True)
self.assertEqual(response.status_code, 200)
return mock_api_client.authenticate.return_value
def authenticated_request(self):
return mock.MagicMock(user=mock.MagicMock(token=generate_tokens()))
def setup_mock_get_authenticated_api_session(self, mock_api_client):
mock_session = MoJOAuth2Session()
mock_session.token = generate_tokens()
mock_api_client.get_authenticated_api_session.return_value = mock_session
def setUp(self):
self.api_session = get_api_session(
mock.MagicMock(user=mock.MagicMock(token=generate_tokens())))
def mock_api_session(mocked_api_session):
mock_session = MoJOAuth2Session()
mock_session.token = generate_tokens()
mocked_api_session.return_value = mock_session
def setUp(self):
super().setUp()
self.request = mock.MagicMock(user=mock.MagicMock(
token=generate_tokens()))
