def test_session_expire_success_on_exception(self):
with app.test_request_context():
g.requests = MagicMock()
g.trace_id = '123'
response = MagicMock()
response.status_code = 200
g.requests.delete.side_effect = Exception('test exception')
SessionAPIService.expire_session("abc")
self.assertTrue(True)
def test_session_expire_success_on_non_200(self):
with app.test_request_context():
g.requests = MagicMock()
g.trace_id = '123'
response = MagicMock()
response.status_code = 200
g.requests.delete.return_value = response
SessionAPIService.expire_session("abc")
self.assertTrue(True)
def generate_geoserver(self):
"""Generates geoserver token and stores in session, returns token for convenience"""
current_app.logger.info("Method called, creating geoserver info")
new_geoserver = Geoserver()
new_geoserver.token = str(uuid.uuid4())
new_geoserver.token_expiry = int(
time.time()) + config.GEOSERVER_TIMEOUT
current_app.logger.info("Committing geoserver info to session store")
SessionAPIService.update_session_data(self.session_key,
new_geoserver.to_dict(),
Session.session_geoserver_key)
self.geoserver = new_geoserver
return self.geoserver.token
def test_update_session_successful(self):
with app.test_request_context():
g.requests = MagicMock()
g.trace_id = '123'
response = MagicMock()
response.status_code = 201
response.text = "session key"
g.requests.put.return_value = response
SessionAPIService.update_session_data(
1,
{'data': 'some value'},
TEST_SUBSECTION
)
self.assertTrue(True)
def populate_user(self):
"""Populates the current authenticated user from session state."""
current_app.logger.info(
"Method called, getting session user from session api")
response = SessionAPIService.get_session_state(
self.session_key, Session.session_user_key)
if response is not None:
current_app.logger.info("User data returned from session state")
self.user = User.from_dict(response)
def test_create_session_exception_response(self, mock_app):
with app.test_request_context():
g.requests = MagicMock()
g.trace_id = '123'
response = MagicMock()
response.status_code = 500
response.text = "session key"
g.requests.post.side_effect = Exception('test exception')
try:
SessionAPIService.create_session('abc')
except ApplicationError as ex:
self.assertEqual(ex.http_code, 500)
mock_app.logger.exception.assert_called()
mock_app.logger.exception.assert_called_with(
'Failed to create session. TraceID : 123 - Exception - test exception')
return
self.fail()
def test_session_valid_exception(self):
with app.test_request_context():
g.requests = MagicMock()
g.trace_id = '123'
response = MagicMock()
response.status_code = 200
g.requests.get.side_effect = Exception('test exception')
result = SessionAPIService.session_valid("abc")
self.assertFalse(result)
def test_session_valid_non_200(self):
with app.test_request_context():
g.requests = MagicMock()
g.trace_id = '123'
response = MagicMock()
response.status_code = 500
g.requests.get.return_value = response
result = SessionAPIService.session_valid("abc")
self.assertFalse(result)
def test_get_session_state_none_on_exception(self):
with app.test_request_context():
g.requests = MagicMock()
g.trace_id = '123'
response = MagicMock()
response.status_code = 500
response.json.return_value = {"test": '123'}
g.requests.get.side_effect = Exception('test exception')
result = SessionAPIService.get_session_state('abc', 'def')
self.assertIsNone(result)
def test_create_session_non_200_response(self, mock_app):
with app.test_request_context():
g.requests = MagicMock()
g.trace_id = '123'
response = MagicMock()
response.status_code = 500
response.text = "session key"
g.requests.post.return_value = response
try:
SessionAPIService.create_session('abc')
except ApplicationError as ex:
self.assertEqual(ex.http_code, 500)
mock_app.logger.exception.assert_called()
mock_app.logger.exception.assert_called_with(
'Failed to create session. TraceID : {} - Status code:{}, message:{}'.format(
"123",
"500",
"session key"))
return
self.fail()
def test_get_session_state_successful(self):
with app.test_request_context():
g.requests = MagicMock()
g.trace_id = '123'
response = MagicMock()
response.status_code = 200
response.json.return_value = {"test": '123'}
g.requests.get.return_value = response
result = SessionAPIService.get_session_state('abc', 'def')
self.assertIsNotNone(result)
self.assertEqual({"test": '123'}, result)
def test_update_session_failure_exception(self, mock_app):
with app.test_request_context():
g.requests = MagicMock()
g.trace_id = '123'
response = MagicMock()
response.status_code = 200
response.text = "session key"
g.requests.put.side_effect = Exception("test")
try:
SessionAPIService.update_session_data(
1,
{'data': 'some value'},
TEST_SUBSECTION
)
except ApplicationError as ex:
self.assertEqual(ex.http_code, 500)
mock_app.logger.exception.assert_called()
mock_app.logger.exception.assert_called_with(
'Failed to update session. TraceID : 123 - Exception - test')
return
self.fail()
def test_create_session_successful(self):
with app.test_request_context():
g.requests = MagicMock()
g.trace_id = '123'
response = MagicMock()
response.status_code = 200
response.text = "session key"
g.requests.post.return_value = response
result = SessionAPIService.create_session('abc')
self.assertIsNotNone(result)
self.assertEqual('session key', result)
def test_update_session_failure_non_200(self, mock_app):
with app.test_request_context():
g.requests = MagicMock()
g.trace_id = '123'
response = MagicMock()
response.status_code = 500
response.text = "session key"
g.requests.put.return_value = response
try:
SessionAPIService.update_session_data(
1,
{'data': 'some value'},
TEST_SUBSECTION
)
except ApplicationError as ex:
self.assertEqual(ex.http_code, 500)
mock_app.logger.exception.assert_called()
mock_app.logger.exception.assert_called_with(
'Error when updating session data for session ID 1. TraceID : 123 - Message - session key')
return
self.fail()
def valid(self):
"""Validates the session and populates the data if valid.
:return: boolean value representing if the session is valid.
"""
current_app.logger.info("Endpoint called")
if not SessionAPIService.session_valid(self.session_key):
current_app.logger.warning("Invalid session key: %s",
self.session_key)
return False
try:
if self.user is None:
current_app.logger.info(
"Nothing in self.user so populate from session api service"
)
self.populate_user()
# if session does not contain the current logged in user then we can not audit user actions so session is
# invalid
if self.user is None:
current_app.logger.info(
"Nothing in self.user and no user data in session")
return False
if self.add_charge_state is None:
current_app.logger.info(
"Nothing in self.add_charge_state so run self.populate_state"
)
self.populate_state()
if self.add_lon_charge_state is None:
current_app.logger.info(
"Nothing in self.add_lon_charge_state so run self.populate_state"
)
self.populate_state()
if self.two_factor_authentication_passed is None:
current_app.logger.info(
"self.two_factor_authentication_passed is None so run self.populate_2fa_state"
)
self.populate_2fa_state()
except Exception as ex:
current_app.logger.error(
'Exception validating session - {}'.format(ex))
self.expire()
return False
return True
def populate_2fa_state(self):
response = SessionAPIService.get_session_state(
self.session_key, Session.session_2fa_state_key)
if response is not None:
if 'two_factor_authentication_passed' in response:
self.two_factor_authentication_passed = response[
'two_factor_authentication_passed']
else:
self.two_factor_authentication_passed = False
if 'two_factor_authentication_code' in response:
self.two_factor_authentication_code = response[
'two_factor_authentication_code']
if 'two_factor_authentication_redirect_url' in response:
self.two_factor_authentication_redirect_url = response[
'two_factor_authentication_redirect_url']
if 'two_factor_authentication_generation_time' in response:
self.two_factor_authentication_generation_time = response[
'two_factor_authentication_generation_time']
if 'two_factor_authentication_invalid_attempts' in response:
self.two_factor_authentication_invalid_attempts = \
response['two_factor_authentication_invalid_attempts']
def expire(self):
"""Expires the current session token."""
current_app.logger.info("Method called")
SessionAPIService.expire_session(self.session_key)
def commit_2fa_state(self):
SessionAPIService.update_session_data(
self.session_key, self.two_factor_authentication_to_dict(),
Session.session_2fa_state_key)
def commit(self):
"""Saves the current session representation to the session store."""
current_app.logger.info("Method called")
SessionAPIService.update_session_data(self.session_key, self.to_dict(),
Session.session_state_key)
def populate_state(self):
"""Populates the add charge from session state."""
current_app.logger.info(
"Method called, getting session state from session api")
response = SessionAPIService.get_session_state(
self.session_key, Session.session_state_key)
if response is not None:
current_app.logger.info("Non-empty session state contents")
if 'add_charge_state' in response:
current_app.logger.info("add_charge_state in session state")
self.add_charge_state = LocalLandChargeItem.from_json(
response['add_charge_state'])
if 'add_lon_charge_state' in response:
current_app.logger.info(
"add_lon_charge_state in session state")
self.add_lon_charge_state = LightObstructionNoticeItem.from_json(
response['add_lon_charge_state'])
if 'last_created_charge' in response:
current_app.logger.info("last_created_charge in session state")
self.last_created_charge = LastCreatedCharge.from_dict(
response['last_created_charge'])
if 'statutory_provision_list' in response:
current_app.logger.info(
"statutory_provision_list in session state")
self.statutory_provision_list = response[
'statutory_provision_list']
if 'edited_fields' in response:
current_app.logger.info("edited_fields in session state")
self.edited_fields = response['edited_fields']
if 'llc1_state' in response:
current_app.logger.info("llc1_state in session state")
self.llc1_state = LLC1Search.from_json(response['llc1_state'])
if 'redirect_route' in response:
current_app.logger.info('redirect_route in session state')
self.redirect_route = response['redirect_route']
if 'search_extent' in response:
current_app.logger.info('search_extent in session state')
self.search_extent = response['search_extent']
if 'filenames' in response:
current_app.logger.info('filenames in session state')
self.filenames = response['filenames']
if 'previously_selected_address' in response:
current_app.logger.info(
'previously_selected_address in session state')
self.previously_selected_address = response[
'previously_selected_address']
if 'adding_charge_for_other_authority' in response:
current_app.logger.info(
'adding_charge_for_other_authority in session state')
self.adding_charge_for_other_authority = response[
'adding_charge_for_other_authority']
if 'submit_token' in response:
current_app.logger.info('submit token in session state')
self.submit_token = response['submit_token']
if 'upload_shapefile_processed' in response:
current_app.logger.info(
'upload_shapefile_processed in session state')
self.upload_shapefile_processed = response[
'upload_shapefile_processed']
if 'category_details' in response:
self.category_details = Category.from_dict(
response['category_details'])
if 'category_confirmation' in response:
self.category_confirmation = response['category_confirmation']
if 'charge_added_outside_users_authority' in response:
self.charge_added_outside_users_authority = response[
'charge_added_outside_users_authority']
if 'other_authority_update_permission' in response:
self.other_authority_update_permission = response[
'other_authority_update_permission']
if 'other_authority_cancel_permission' in response:
self.other_authority_cancel_permission = response[
'other_authority_cancel_permission']
if 'source_information' in response:
self.source_information = response['source_information']
if 'source_information_id' in response:
self.source_information_id = response['source_information_id']
if 'send_payment_link_info' in response:
current_app.logger.info(
"send_payment_link_info in session state")
self.send_payment_link_info = PaymentLink.from_json(
response['send_payment_link_info'])
if 'payment_info' in response:
current_app.logger.info("payment_info in session state")
self.payment_info = PaymentInfo.from_json(
response['payment_info'])
if 'search_details' in response:
self.search_details = SearchDetails.from_json(
response['search_details'])
