def _create_user(session: so.Session,
username: str,
password: Optional[str] = None,
role: db.Role = db.Role.user) -> db.UserRole:
db_user = db.UserRole(login=username, password=password, role=role)
session.add(db_user)
session.commit()
return db_user
def test_db_user(database: None) -> SystemUserModel:
with db.create_session() as session:
db_user = db.UserRole(login="******",
password="******",
role=db.Role.user)
session.add(db_user)
session.flush()
return SystemUserModel.from_orm(db_user)
def test_system_user(database: None, faker: Faker,
test_user_role: db.Role) -> SystemUserModel:
with db.create_session() as session:
app_user = db.UserRole(login=faker.word(),
password=faker.word(),
role=test_user_role)
session.add(app_user)
session.flush()
return cast(SystemUserModel, SystemUserModel.from_orm(app_user))
def test_authorize_user_incorrect_password(
self,
test_simple_auth_manager: SimpleAdminAuthorizationManager,
test_username: StringField,
test_password: PasswordField,
) -> None:
with db.create_session() as session:
session.add(
db.UserRole(login=test_username.data,
password=test_password.data,
role=db.Role.user))
incorrect_password_field = MagicMock()
incorrect_password_field.data = "incorrect_password"
assert (test_simple_auth_manager.authorize_user(
username_field=test_username,
password_field=incorrect_password_field) is None)
def test_authorize_user_has_user(
self,
test_simple_auth_manager: SimpleAdminAuthorizationManager,
test_username: StringField,
test_password: PasswordField,
user_role: db.Role,
) -> None:
with db.create_session() as session:
session.add(
db.UserRole(login=test_username.data,
password=test_password.data,
role=user_role))
user = test_simple_auth_manager.authorize_user(
username_field=test_username, password_field=test_password)
assert user is not None
assert user.login == test_username.data
assert user.password == test_password.data
assert user.role is user_role
def test_authorize_user_has_user(
self,
mocked_ldap_authenticator: MagicMock,
test_ldap_auth_manager: LDAPAdminAuthorizationManager,
test_db_groups: List[str],
test_username: StringField,
test_password: PasswordField,
user_role: db.Role,
) -> None:
mocked_ldap_authenticator.get_user_groups.return_value = test_db_groups
with db.create_session() as session:
session.add(
db.UserRole(login=test_username.data,
password=None,
role=user_role))
user = test_ldap_auth_manager.authorize_user(
username_field=test_username, password_field=test_password)
assert user is not None
assert user.login == test_username.data
assert user.password is None # LDAP auth does not require password
assert user.role is user_role