def test_process_request_user_access_no_permissions(self, get_access_mock):
"""Test PermissionDenied is not raised for user-access calls"""
mock_access = {}
username = "******"
get_access_mock.return_value = mock_access
user_data = self._create_user_data()
customer = self._create_customer_data()
request_context = self._create_request_context(customer,
user_data,
create_customer=True,
create_tenant=True,
is_admin=False)
mock_request = request_context["request"]
mock_request.path = "/api/v1/user-access/"
mock_request.META["QUERY_STRING"] = ""
mock_user = Mock(username=username, admin=False, access=None)
mock_request = Mock(path="/api/v1/user-access/", user=mock_user)
IdentityHeaderMiddleware.create_user(
username=username,
email=self.user_data["email"],
customer=Customer.objects.get(
account_id=customer.get("account_id")),
request=mock_request,
)
middleware = KokuTenantMiddleware()
with patch.object(BaseTenantMiddleware,
"process_request") as mock_process_request:
_ = middleware.process_request(mock_request)
mock_process_request.assert_called()
def test_race_condition_user(self):
"""Test case where another request may create the user in a race condition."""
mock_request = self.request
middleware = IdentityHeaderMiddleware()
middleware.process_request(mock_request)
self.assertTrue(hasattr(mock_request, "user"))
customer = Customer.objects.get(account_id=self.customer.account_id)
self.assertIsNotNone(customer)
user = User.objects.get(username=self.user_data["username"])
self.assertIsNotNone(user)
IdentityHeaderMiddleware.create_user(
username=self.user_data["username"], email=self.user_data["email"], customer=customer, request=mock_request
)
def _create_context(self):
"""Create request context object."""
user = None
customer = None
encoded_auth_header = self._identity_header.get("x-rh-identity")
if encoded_auth_header:
identity = json.loads(b64decode(encoded_auth_header))
account = identity.get("identity", {}).get("account_number")
username = identity.get("identity", {}).get("user",
{}).get("username")
email = identity.get("identity", {}).get("user", {}).get("email")
identity_type = identity.get("identity", {}).get("type", "User")
auth_type = identity.get("identity", {}).get("auth_type")
if identity_type == "System" and auth_type == "uhc-auth":
username = identity.get("identity",
{}).get("system", {}).get("cluster_id")
email = ""
try:
customer = Customer.objects.filter(account_id=account).get()
except Customer.DoesNotExist:
customer = IdentityHeaderMiddleware.create_customer(account)
try:
user = User.objects.get(username=username)
except User.DoesNotExist:
user = IdentityHeaderMiddleware.create_user(
username, email, customer, None)
context = {"user": user, "customer": customer}
return context, customer, user
def test_race_condition_user_caching(self):
"""Test case for caching where another request may create the user in a race condition."""
mock_request = self.request
middleware = IdentityHeaderMiddleware()
self.assertEquals(MD.USER_CACHE.maxsize, 5) # Confirm that the size of the user cache has changed
self.assertEquals(MD.USER_CACHE.currsize, 0) # Confirm that the user cache is empty
middleware.process_request(mock_request)
self.assertEquals(MD.USER_CACHE.currsize, 1)
self.assertTrue(hasattr(mock_request, "user"))
customer = Customer.objects.get(account_id=self.customer.account_id)
self.assertIsNotNone(customer)
user = User.objects.get(username=self.user_data["username"])
self.assertEquals(MD.USER_CACHE.currsize, 1)
self.assertIsNotNone(user)
IdentityHeaderMiddleware.create_user(
username=self.user_data["username"], # pylint: disable=W0212
email=self.user_data["email"],
customer=customer,
request=mock_request,
)
self.assertEquals(MD.USER_CACHE.currsize, 1)