def test_session_store_ignores_multiple_new_values_in_session_data(self):
session_data = SessionData(
tx_id="tx_id",
schema_name="some_schema_name",
period_str="period_str",
language_code=None,
survey_url=None,
ru_name="ru_name",
ru_ref="ru_ref",
response_id="response_id",
questionnaire_id="questionnaire_id",
case_id="case_id",
)
session_data.additional_value = "some cool new value you do not know about yet"
session_data.second_additional_value = "some other not so cool value"
with self._app.test_request_context():
self.session_store.create("eq_session_id", "test", session_data,
self.expires_at).save()
session_store = SessionStore("user_ik", "pepper", "eq_session_id")
self.assertFalse(
hasattr(session_store.session_data, "additional_value"))
self.assertFalse(
hasattr(session_store.session_data, "second_additional_value"))
def _load(self):
logger.debug('finding eq_session_id in database',
eq_session_id=self.eq_session_id)
self._eq_session = data_access.get_by_key(EQSession,
self.eq_session_id)
if self._eq_session:
self.user_id = self._eq_session.user_id
if self._eq_session.session_data:
encrypted_session_data = self._eq_session.session_data
session_data = StorageEncryption(self.user_id, self.user_ik, self.pepper)\
.decrypt_data(encrypted_session_data)
# for backwards compatibility
# session data used to be base64 encoded before encryption
try:
session_data = base64url_decode(
session_data.decode()).decode()
except ValueError:
pass
self.session_data = json.loads(
session_data, object_hook=lambda d: SessionData(**d))
logger.debug(
'found matching eq_session for eq_session_id in database',
session_id=self._eq_session.eq_session_id,
user_id=self._eq_session.user_id)
else:
logger.debug('eq_session_id not found in database',
eq_session_id=self.eq_session_id)
return self._eq_session
def _load(self):
logger.debug('finding eq_session_id in database',
eq_session_id=self.eq_session_id)
self._eq_session = data_access.get_by_key(EQSession,
self.eq_session_id)
if self._eq_session:
self.user_id = self._eq_session.user_id
if self._eq_session.session_data:
encrypted_session_data = self._eq_session.session_data
session_data = StorageEncryption(self.user_id, self.user_ik, self.pepper)\
.decrypt_data(encrypted_session_data)
self.session_data = json.loads(
session_data, object_hook=lambda d: SessionData(**d))
logger.debug(
'found matching eq_session for eq_session_id in database',
session_id=self._eq_session.eq_session_id,
user_id=self._eq_session.user_id)
else:
logger.debug('eq_session_id not found in database',
eq_session_id=self.eq_session_id)
return self._eq_session
def test_session_store_reads_data_saved_with_trading_as_but_read_not_expecting_trading_as(self):
"""This test simulates the case where a session is created using a new session store that holds trading as
but this gets read in an old session that does NOT support trading as """
original_loads_func = simplejson.loads
class OldSessionData:
"""class representing what old sessions expect ( no trading as) """
def __init__(self,
tx_id,
eq_id,
form_type,
period_str,
language_code,
survey_url,
ru_name,
ru_ref,
case_id=None,
case_ref=None,
account_service_url=None,
submitted_time=None,
**_):
self.tx_id = tx_id
self.eq_id = eq_id
self.form_type = form_type
self.period_str = period_str
self.language_code = language_code
self.survey_url = survey_url
self.ru_name = ru_name
self.ru_ref = ru_ref
self.submitted_time = submitted_time
self.case_id = case_id
self.case_ref = case_ref
self.account_service_url = account_service_url
def old_json_loader(raw, object_hook): # pylint: disable=unused-argument
"""replacement for json.loads to decode to old format ( no trading as) """
old_data = original_loads_func(raw, object_hook=lambda d: OldSessionData(**d)) # call json.loads ,hook pointing to an old class
return old_data
session_data = SessionData(
tx_id='tx_id',
eq_id='eq_id',
form_type='form_type',
period_str='period_str',
language_code=None,
survey_url=None,
ru_name='ru_name',
ru_ref='ru_ref',
trad_as='trading_as_name'
)
with self._app.test_request_context():
with patch('app.data_model.session_store.json.loads', old_json_loader): # patch json.loads to use old_json_loader above
self.session_store.create('eq_session_id', 'test', session_data).save()
session_store = SessionStore('user_ik', 'pepper', 'eq_session_id')
self.assertFalse(hasattr(session_store.session_data, 'trad_as'))
def test_session_store_ignores_new_values_in_session_data(self):
session_data = SessionData(
tx_id='tx_id',
eq_id='eq_id',
form_type='form_type',
period_str='period_str',
language_code=None,
survey_url=None,
ru_name='ru_name',
ru_ref='ru_ref'
)
session_data.additional_value = 'some cool new value you do not know about yet'
with self._app.test_request_context():
self.session_store.create('eq_session_id', 'test', session_data).save()
session_store = SessionStore('user_ik', 'pepper', 'eq_session_id')
self.assertFalse(hasattr(session_store.session_data, 'additional_value'))
def setUp(self):
super().setUp()
self.session_data = SessionData(tx_id='tx_id',
eq_id='eq_id',
form_type='form_type',
period_str='period_str',
language_code=None,
survey_url=None,
ru_name='ru_name',
ru_ref='ru_ref',
case_id='case_id')
self.session_store = SessionStore('user_ik', 'pepper', 'eq_session_id')
def setUp(self):
super().setUp()
self.session_data = SessionData(tx_id='tx_id',
eq_id='eq_id',
form_type='form_type',
period_str='period_str',
language_code=None,
survey_url=None,
ru_name='ru_name',
ru_ref='ru_ref',
case_id='case_id')
self.session_store = SessionStore('user_ik', 'pepper', 'eq_session_id')
self.expires_at = datetime.now(tzutc()) + timedelta(seconds=5)
def fake_session_data():
return SessionData(
tx_id="tx_id",
schema_name="some_schema_name",
language_code=None,
survey_url=None,
ru_ref="ru_ref",
response_id="response_id",
questionnaire_id="questionnaire_id",
case_id="case_id",
period_str=None,
ru_name=None,
)
def setUp(self):
super().setUp()
self._app.permanent_session_lifetime = timedelta(seconds=1)
self.session_store = SessionStore('user_ik', 'pepper')
self.session_data = SessionData(
tx_id='tx_id',
eq_id='eq_id',
form_type='form_type',
period_str='period_str',
language_code=None,
survey_url=None,
ru_name='ru_name',
ru_ref='ru_ref'
)
def setUp(self):
super().setUp()
self.session_data = SessionData(
tx_id="tx_id",
schema_name="some_schema_name",
response_id="response_id",
period_str="period_str",
language_code=None,
survey_url=None,
ru_name="ru_name",
ru_ref="ru_ref",
case_id="case_id",
questionnaire_id="questionnaire_id",
)
self.session_store = SessionStore("user_ik", "pepper", "eq_session_id")
self.expires_at = datetime.now(tzutc()) + timedelta(seconds=5)
def test_session_store_stores_none_for_trading_as_if_not_present(self):
session_data = SessionData(tx_id='tx_id',
eq_id='eq_id',
form_type='form_type',
period_str='period_str',
language_code=None,
survey_url=None,
ru_name='ru_name',
ru_ref='ru_ref',
case_id='case_id')
with self._app.test_request_context():
self.session_store.create('eq_session_id', 'test',
session_data).save()
session_store = SessionStore('user_ik', 'pepper', 'eq_session_id')
self.assertIsNone(session_store.session_data.trad_as)
def test_session_store_stores_trading_as_value_if_present(self):
session_data = SessionData(tx_id='tx_id',
eq_id='eq_id',
form_type='form_type',
period_str='period_str',
language_code=None,
survey_url=None,
ru_name='ru_name',
ru_ref='ru_ref',
trad_as='trading_as',
case_id='case_id')
with self._app.test_request_context():
self.session_store.create('eq_session_id', 'test', session_data,
self.expires_at).save()
session_store = SessionStore('user_ik', 'pepper', 'eq_session_id')
self.assertTrue(hasattr(session_store.session_data, 'trad_as'))
def test_session_store_reads_data_saved_without_trading_as_but_read_expecting_trading_as(self):
old_session_data = SessionData(
tx_id='tx_id',
eq_id='eq_id',
form_type='form_type',
period_str='period_str',
language_code=None,
survey_url=None,
ru_name='ru_name',
ru_ref='ru_ref'
)
delattr(old_session_data, 'trad_as') # Make class look like old style class
with self._app.test_request_context():
self.session_store.create('eq_session_id', 'test', old_session_data).save()
session_store = SessionStore('user_ik', 'pepper', 'eq_session_id')
self.assertIsNone(session_store.session_data.trad_as)
def test_session_store_stores_none_for_trading_as_if_not_present(self):
session_data = SessionData(
tx_id="tx_id",
schema_name="some_schema_name",
period_str="period_str",
language_code=None,
survey_url=None,
ru_name="ru_name",
ru_ref="ru_ref",
response_id="response_id",
questionnaire_id="questionnaire_id",
case_id="case_id",
)
with self._app.test_request_context():
self.session_store.create("eq_session_id", "test", session_data,
self.expires_at).save()
session_store = SessionStore("user_ik", "pepper", "eq_session_id")
self.assertIsNone(session_store.session_data.trad_as)
def _create_session_data_from_metadata(metadata):
"""
Creates a SessionData object from metadata
:param metadata: metadata parsed from jwt token
"""
session_data = SessionData(
tx_id=metadata.get('tx_id'),
eq_id=metadata.get('eq_id'),
form_type=metadata.get('form_type'),
period_str=metadata.get('period_str'),
language_code=metadata.get('language_code'),
survey_url=metadata.get('survey_url'),
ru_name=metadata.get('ru_name'),
ru_ref=metadata.get('ru_ref'),
case_id=metadata.get('case_id'),
case_ref=metadata.get('case_ref'),
trad_as=metadata.get('trad_as'),
account_service_url=metadata.get('account_service_url'),
)
return session_data
def setUp(self):
super().setUp()
self.user_id = 'user_id'
self.user_ik = 'user_ik'
self.pepper = 'pepper'
self.session_id = 'session_id'
self.session_data = SessionData(tx_id='tx_id',
eq_id='eq_id',
form_type='form_type',
period_str='period_str',
language_code=None,
survey_url=None,
ru_name='ru_name',
ru_ref='ru_ref',
trad_as='trading_as_name',
case_id='case_id')
# pylint: disable=protected-access
self.key = storage_encryption.StorageEncryption._generate_key(
self.user_id, self.user_ik, self.pepper)
self._save_legacy_state_data(self.session_id, self.user_id,
self.session_data)
def setUp(self):
super().setUp()
self.user_id = "user_id"
self.user_ik = "user_ik"
self.pepper = "pepper"
self.session_id = "session_id"
self.session_data = SessionData(
tx_id="tx_id",
schema_name="some_schema_name",
period_str="period_str",
language_code=None,
survey_url=None,
ru_name="ru_name",
response_id="response_id",
questionnaire_id="questionnaire_id",
ru_ref="ru_ref",
trad_as="trading_as_name",
case_id="case_id",
)
# pylint: disable=protected-access
self.key = storage_encryption.StorageEncryption._generate_key(
self.user_id, self.user_ik, self.pepper)
def _create_session_data_from_metadata(metadata):
"""
Creates a SessionData object from metadata
:param metadata: metadata parsed from jwt token
"""
session_data = SessionData(
tx_id=metadata.get("tx_id"),
schema_name=metadata.get("schema_name"),
period_str=metadata.get("period_str"),
language_code=metadata.get("language_code"),
survey_url=metadata.get("survey_url"),
ru_name=metadata.get("ru_name"),
ru_ref=metadata.get("ru_ref"),
response_id=metadata.get("response_id"),
questionnaire_id=metadata.get("questionnaire_id"),
case_id=metadata.get("case_id"),
case_ref=metadata.get("case_ref"),
trad_as=metadata.get("trad_as"),
account_service_url=metadata.get("account_service_url"),
account_service_log_out_url=metadata.get(
"account_service_log_out_url"),
)
return session_data