Пример #1
0
    def test_mfa_required__admin_mfa_required_false__admin_user(
            self, mock_settings, mock_has_mfa, mock_redirect):
        mock_settings.MFA_REQUIRED = True
        mock_settings.SSO_MFA_REQUIRED = True
        mock_settings.ADMIN_MFA_REQUIRED = False
        mock_get_response = mock.MagicMock()
        mock_request = self.mock_request_with_user(is_staff=True)

        mock_has_mfa.return_value = False

        TethysMfaRequiredMiddleware(mock_get_response)(mock_request)

        # not required for admin/staff user
        mock_redirect.assert_not_called()
Пример #2
0
    def test_mfa_required__admin_mfa_required_false__sso_user(
            self, mock_settings, mock_has_mfa, mock_redirect):
        mock_settings.MFA_REQUIRED = True
        mock_settings.SSO_MFA_REQUIRED = True
        mock_settings.ADMIN_MFA_REQUIRED = False
        mock_get_response = mock.MagicMock()
        mock_request = self.mock_request_with_user(with_sso=True)

        mock_has_mfa.return_value = False

        TethysMfaRequiredMiddleware(mock_get_response)(mock_request)

        # required for sso users
        mock_redirect.assert_called_once_with('mfa_home')
Пример #3
0
    def test_mfa_required_all_true__valid_token__staff_user(
            self, mock_settings, mock_has_mfa, mock_redirect, _):
        mock_settings.MFA_REQUIRED = True
        mock_settings.SSO_MFA_REQUIRED = True
        mock_settings.ADMIN_MFA_REQUIRED = True
        mock_get_response = mock.MagicMock()
        mock_request = self.mock_request_with_user(is_staff=True)
        mock_request.headers = {
            'Authorization': 'Token abcdefghijklmnopqrstuvwxyz'
        }

        mock_has_mfa.return_value = False

        TethysMfaRequiredMiddleware(mock_get_response)(mock_request)

        # not required for valid token
        mock_redirect.assert_not_called()
Пример #4
0
    def test_mfa_required_all_true__invalid_token__staff_user(
            self, mock_settings, mock_has_mfa, mock_redirect,
            mock_authenticate):
        mock_settings.MFA_REQUIRED = True
        mock_settings.SSO_MFA_REQUIRED = True
        mock_settings.ADMIN_MFA_REQUIRED = True
        mock_get_response = mock.MagicMock()
        mock_request = self.mock_request_with_user(is_staff=True)
        mock_request.headers = {
            'Authorization': 'Token abcdefghijklmnopqrstuvwxyz'
        }
        mock_authenticate.side_effect = AuthenticationFailed

        mock_has_mfa.return_value = False

        TethysMfaRequiredMiddleware(mock_get_response)(mock_request)

        # required for all users
        mock_redirect.assert_called_once_with('mfa_home')
Пример #5
0
    def test_mfa_required_excluded_paths(self, mock_settings, mock_has_mfa,
                                         mock_redirect):
        mock_settings.MFA_REQUIRED = True
        mock_settings.SSO_MFA_REQUIRED = True
        mock_settings.ADMIN_MFA_REQUIRED = True
        mock_has_mfa.return_value = False
        mock_get_response = mock.MagicMock()

        excluded_paths = [
            '/', '/accounts/login/', '/accounts/logout/', '/oauth2/foo/',
            '/user/bar/', '/captcha/jar/', '/devices/123/', '/mfa/add/'
        ]

        for path in excluded_paths:
            mock_request = self.mock_request_with_user(path=path)
            TethysMfaRequiredMiddleware(mock_get_response)(mock_request)

            # do not react on these paths
            mock_redirect.assert_not_called()