def test_logout_invalidates_session(self, pyramid_config, pyramid_request):
pyramid_request.session["foo"] = "bar"
pyramid_config.testing_securitypolicy("acct:[email protected]")
views.AuthController(pyramid_request).logout()
assert "foo" not in pyramid_request.session
def test_logout_invalidates_session(self, config):
request = DummyRequest()
request.session["foo"] = "bar"
config.testing_securitypolicy("acct:[email protected]")
views.AuthController(request).logout()
assert "foo" not in request.session
def test_logout_event(self, logoutevent, notify, pyramid_config,
pyramid_request):
pyramid_config.testing_securitypolicy("acct:[email protected]")
views.AuthController(pyramid_request).logout()
logoutevent.assert_called_with(pyramid_request)
notify.assert_called_with(logoutevent.return_value)
def test_post_redirects_to_next_param_when_logged_in(self, authn_policy):
request = DummyRequest(params={'next': '/foo/bar'})
authn_policy.authenticated_userid.return_value = "acct:[email protected]"
with pytest.raises(httpexceptions.HTTPFound) as e:
views.AuthController(request).post()
assert e.value.location == '/foo/bar'
def test_logout_response_has_forget_headers(self, authn_policy):
request = DummyRequest()
authn_policy.forget.return_value = {
'x-erase-fingerprints': 'on the hob'}
result = views.AuthController(request).logout()
assert result.headers['x-erase-fingerprints'] == 'on the hob'
def test_logout_invalidates_session(self, authn_policy):
request = DummyRequest()
request.session["foo"] = "bar"
authn_policy.authenticated_userid.return_value = "acct:[email protected]"
views.AuthController(request).logout()
assert "foo" not in request.session
def test_logout_response_has_forget_headers(self, pyramid_config,
pyramid_request):
pyramid_config.testing_securitypolicy(
forget_result={'x-erase-fingerprints': 'on the hob'})
result = views.AuthController(pyramid_request).logout()
assert result.headers['x-erase-fingerprints'] == 'on the hob'
def test_logout_event(self, logoutevent, authn_policy, notify):
request = DummyRequest()
authn_policy.authenticated_userid.return_value = "acct:[email protected]"
views.AuthController(request).logout()
logoutevent.assert_called_with(request)
notify.assert_called_with(logoutevent.return_value)
def test_post_redirects_to_next_param_when_logged_in(self, config):
request = DummyRequest(params={'next': '/foo/bar'})
config.testing_securitypolicy("acct:[email protected]")
with pytest.raises(httpexceptions.HTTPFound) as e:
views.AuthController(request).post()
assert e.value.location == '/foo/bar'
def test_logout_event(self, logoutevent, config, notify):
request = DummyRequest()
config.testing_securitypolicy("acct:[email protected]")
views.AuthController(request).logout()
logoutevent.assert_called_with(request)
notify.assert_called_with(logoutevent.return_value)
def test_post_returns_form_when_validation_fails(self, config):
request = DummyRequest()
config.testing_securitypolicy(None) # Logged out
controller = views.AuthController(request)
controller.form = invalid_form()
result = controller.post()
assert result == {'form': 'invalid form'}
def test_post_returns_form_when_validation_fails(self, authn_policy):
request = DummyRequest()
authn_policy.authenticated_userid.return_value = None # Logged out
controller = views.AuthController(request)
controller.form = invalid_form()
result = controller.post()
assert result == {'form': 'invalid form'}
def test_post_redirects_when_validation_succeeds(self, config):
request = DummyRequest(auth_domain='hypothes.is')
config.testing_securitypolicy(None) # Logged out
controller = views.AuthController(request)
controller.form = form_validating_to(
{"user": FakeUser(username='******')})
result = controller.post()
assert isinstance(result, httpexceptions.HTTPFound)
def test_post_redirects_when_validation_succeeds(self, authn_policy):
request = DummyRequest(auth_domain='hypothes.is')
authn_policy.authenticated_userid.return_value = None # Logged out
controller = views.AuthController(request)
controller.form = form_validating_to(
{"user": FakeUser(username='******')})
result = controller.post()
assert isinstance(result, httpexceptions.HTTPFound)
def test_post_no_event_when_validation_fails(self, loginevent,
authn_policy, notify):
request = DummyRequest()
authn_policy.authenticated_userid.return_value = None # Logged out
controller = views.AuthController(request)
controller.form = invalid_form()
controller.post()
assert not loginevent.called
assert not notify.called
def test_post_event_when_validation_succeeds(self, loginevent,
authn_policy, notify):
request = DummyRequest(auth_domain='hypothes.is')
authn_policy.authenticated_userid.return_value = None # Logged out
elephant = FakeUser(username='******')
controller = views.AuthController(request)
controller.form = form_validating_to({"user": elephant})
controller.post()
loginevent.assert_called_with(request, elephant)
notify.assert_called_with(loginevent.return_value)
def test_post_no_event_when_validation_fails(self, loginevent,
invalid_form, notify,
pyramid_config,
pyramid_request):
pyramid_config.testing_securitypolicy(None) # Logged out
controller = views.AuthController(pyramid_request)
controller.form = invalid_form()
controller.post()
assert not loginevent.called
assert not notify.called
def test_post_redirects_when_validation_succeeds(self, factories,
form_validating_to,
pyramid_config,
pyramid_request):
pyramid_config.testing_securitypolicy(None) # Logged out
controller = views.AuthController(pyramid_request)
controller.form = form_validating_to(
{"user": factories.User(username='******')})
result = controller.post()
assert isinstance(result, httpexceptions.HTTPFound)
def test_post_event_when_validation_succeeds(self, loginevent, factories,
form_validating_to, notify,
pyramid_config,
pyramid_request):
pyramid_config.testing_securitypolicy(None) # Logged out
elephant = factories.User(username='******')
controller = views.AuthController(pyramid_request)
controller.form = form_validating_to({"user": elephant})
controller.post()
loginevent.assert_called_with(pyramid_request, elephant)
notify.assert_called_with(loginevent.return_value)
def test_post_redirects_when_logged_in(self, pyramid_config,
pyramid_request):
pyramid_config.testing_securitypolicy("acct:[email protected]")
with pytest.raises(httpexceptions.HTTPFound):
views.AuthController(pyramid_request).post()
def test_logout_forgets_authenticated_user(self, authn_policy):
request = DummyRequest()
views.AuthController(request).logout()
authn_policy.forget.assert_called_with(request)
def test_logout_redirects(self, pyramid_request):
result = views.AuthController(pyramid_request).logout()
assert isinstance(result, httpexceptions.HTTPFound)
def test_post_redirects_when_logged_in(self, authn_policy):
request = DummyRequest()
authn_policy.authenticated_userid.return_value = "acct:[email protected]"
with pytest.raises(httpexceptions.HTTPFound):
views.AuthController(request).post()
def test_logout_redirects(self):
request = DummyRequest()
result = views.AuthController(request).logout()
assert isinstance(result, httpexceptions.HTTPFound)
