def setUp(self):
self.services_factory = mock()
self.portal = mock()
self.provider = mock()
self.resource = LoginResource(self.services_factory, self.portal)
self.web = DummySite(self.resource)
self.request = DummyRequest([''])
username = '******'
self.request.addArg('username', username)
password = '******'
self.username = username
self.password = password
self.request.addArg('password', password)
self.request.method = 'POST'
leap_session = mock(LeapSession)
user_auth = mock()
user_auth.uuid = 'some_user_uuid'
leap_session.user_auth = user_auth
config = mock()
config.leap_home = 'some_folder'
leap_session.config = config
leap_session.fresh_account = False
self.leap_session = leap_session
self.user_auth = user_auth
def set_up_protected_resources(root_resource, provider, services_factory, checker=None):
if not checker:
checker = LeapPasswordChecker(provider)
session_checker = SessionChecker()
anonymous_resource = LoginResource(services_factory)
realm = PixelatedRealm(root_resource, anonymous_resource)
_portal = portal.Portal(realm, [checker, session_checker, AllowAnonymousAccess()])
protected_resource = PixelatedAuthSessionWrapper(_portal, root_resource, anonymous_resource, [])
anonymous_resource.set_portal(_portal)
root_resource.initialize(_portal)
return protected_resource
def set_up_protected_resources(root_resource, provider, services_factory, checker=None, banner=None):
if not checker:
checker = LeapPasswordChecker(provider)
session_checker = SessionChecker(services_factory)
anonymous_resource = LoginResource(services_factory, disclaimer_banner=banner)
realm = PixelatedRealm(root_resource, anonymous_resource)
_portal = portal.Portal(realm, [checker, session_checker, AllowAnonymousAccess()])
protected_resource = PixelatedAuthSessionWrapper(_portal, root_resource, anonymous_resource, [])
anonymous_resource.set_portal(_portal)
root_resource.initialize(_portal, disclaimer_banner=banner)
return protected_resource
def setUp(self):
self.services_factory = mock()
self.portal = mock()
self.provider = mock()
self.resource = LoginResource(self.services_factory, self.portal)
self.web = DummySite(self.resource)
self.request = DummyRequest([''])
username = '******'
self.request.addArg('username', username)
password = '******'
self.username = username
self.password = password
self.request.addArg('password', password)
self.request.method = 'POST'
leap_session = mock(LeapSession)
user_auth = mock()
user_auth.uuid = 'some_user_uuid'
leap_session.user_auth = user_auth
config = mock()
config.leap_home = 'some_folder'
leap_session.config = config
leap_session.fresh_account = False
self.leap_session = leap_session
self.user_auth = user_auth
def initialize(self, portal=None, disclaimer_banner=None):
self._child_resources.add('sandbox',
SandboxResource(self._static_folder))
self._child_resources.add('assets', File(self._static_folder))
self._child_resources.add('keys', KeysResource(self._services_factory))
self._child_resources.add(AttachmentsResource.BASE_URL,
AttachmentsResource(self._services_factory))
self._child_resources.add('contacts',
ContactsResource(self._services_factory))
self._child_resources.add('features', FeaturesResource(portal))
self._child_resources.add('tags', TagsResource(self._services_factory))
self._child_resources.add('mails',
MailsResource(self._services_factory))
self._child_resources.add('mail', MailResource(self._services_factory))
self._child_resources.add('feedback',
FeedbackResource(self._services_factory))
self._child_resources.add('user-settings',
UserSettingsResource(self._services_factory))
self._child_resources.add(
LoginResource.BASE_URL,
LoginResource(self._services_factory,
portal,
disclaimer_banner=disclaimer_banner))
self._child_resources.add(LogoutResource.BASE_URL,
LogoutResource(self._services_factory))
self._mode = MODE_RUNNING
def setUp(self):
self.services_factory = mock()
self.provider = mock()
self.resource = LoginResource(self.services_factory, self.provider)
self.web = DummySite(self.resource)
self.request = DummyRequest([''])
username = '******'
self.request.addArg('username', username)
password = '******'
self.username = username
self.password = password
self.request.addArg('password', password)
self.request.method = 'POST'
user_auth = mock()
user_auth.uuid = 'some_user_uuid'
self.user_auth = user_auth
def initialize(self, provider=None, disclaimer_banner=None, authenticator=None):
self._child_resources.add('assets', File(self._protected_static_folder))
self._child_resources.add(AccountRecoveryResource.BASE_URL, AccountRecoveryResource(self._services_factory))
self._child_resources.add('backup-account', BackupAccountResource(self._services_factory, authenticator, provider))
self._child_resources.add('sandbox', SandboxResource(self._protected_static_folder))
self._child_resources.add('keys', KeysResource(self._services_factory))
self._child_resources.add(AttachmentsResource.BASE_URL, AttachmentsResource(self._services_factory))
self._child_resources.add('contacts', ContactsResource(self._services_factory))
self._child_resources.add('features', FeaturesResource(provider))
self._child_resources.add('tags', TagsResource(self._services_factory))
self._child_resources.add('mails', MailsResource(self._services_factory))
self._child_resources.add('mail', MailResource(self._services_factory))
self._child_resources.add('feedback', FeedbackResource(self._services_factory))
self._child_resources.add('user-settings', UserSettingsResource(self._services_factory))
self._child_resources.add('users', UsersResource(self._services_factory))
self._child_resources.add(LoginResource.BASE_URL,
LoginResource(self._services_factory, provider, disclaimer_banner=disclaimer_banner, authenticator=authenticator))
self._child_resources.add(LogoutResource.BASE_URL, LogoutResource(self._services_factory))
self._mode = MODE_RUNNING
def set_up_protected_resources(root_resource,
provider,
services_factory,
banner=None,
authenticator=None):
auth = authenticator or Authenticator(provider)
session_checker = SessionChecker(services_factory)
realm = PixelatedRealm()
_portal = portal.Portal(realm, [session_checker, AllowAnonymousAccess()])
anonymous_resource = LoginResource(services_factory,
provider,
disclaimer_banner=banner,
authenticator=auth)
protected_resource = PixelatedAuthSessionWrapper(_portal, root_resource,
anonymous_resource, [])
root_resource.initialize(provider,
disclaimer_banner=banner,
authenticator=auth)
return protected_resource
class TestLoginPOST(unittest.TestCase):
def setUp(self):
self.services_factory = mock()
self.portal = mock()
self.provider = mock()
self.resource = LoginResource(self.services_factory, self.portal)
self.web = DummySite(self.resource)
self.request = DummyRequest([''])
username = '******'
self.request.addArg('username', username)
password = '******'
self.username = username
self.password = password
self.request.addArg('password', password)
self.request.method = 'POST'
leap_session = mock(LeapSession)
user_auth = mock()
user_auth.uuid = 'some_user_uuid'
leap_session.user_auth = user_auth
config = mock()
config.leap_home = 'some_folder'
leap_session.config = config
leap_session.fresh_account = False
self.leap_session = leap_session
self.user_auth = user_auth
def mock_user_has_services_setup(self):
when(self.services_factory).is_logged_in('some_user_uuid').thenReturn(True)
def test_login_responds_interstitial_and_add_corresponding_session_to_services_factory(self):
irrelevant = None
when(self.portal).login(ANY(), None, IResource).thenReturn((irrelevant, self.leap_session, irrelevant))
when(self.services_factory).create_services_from(self.leap_session).thenAnswer(self.mock_user_has_services_setup)
d = self.web.get(self.request)
def assert_login_setup_service_for_user(_):
verify(self.portal).login(ANY(), None, IResource)
verify(self.services_factory).create_services_from(self.leap_session)
interstitial_js_in_template = '<script src="startup-assets/Interstitial.js"></script>'
self.assertIn(interstitial_js_in_template, self.request.written[0])
self.assertTrue(self.resource.is_logged_in(self.request))
d.addCallback(assert_login_setup_service_for_user)
return d
def test_login_does_not_reload_services_if_already_loaded(self):
irrelevant = None
when(self.portal).login(ANY(), None, IResource).thenReturn((irrelevant, self.leap_session, irrelevant))
when(self.services_factory).is_logged_in('some_user_uuid').thenReturn(True)
d = self.web.get(self.request)
def assert_login_setup_service_for_user(_):
verify(self.portal).login(ANY(), None, IResource)
verify(self.services_factory).is_logged_in('some_user_uuid')
verifyNoMoreInteractions(self.services_factory)
interstitial_js_in_template = '<script src="startup-assets/Interstitial.js"></script>'
self.assertIn(interstitial_js_in_template, self.request.written[0])
self.assertTrue(self.resource.is_logged_in(self.request))
d.addCallback(assert_login_setup_service_for_user)
return d
def test_should_return_form_back_with_error_message_when_login_fails(self):
when(self.portal).login(ANY(), None, IResource).thenRaise(Exception())
d = self.web.get(self.request)
def assert_login_setup_service_for_user(_):
verify(self.portal).login(ANY(), None, IResource)
self.assertEqual(401, self.request.responseCode)
written_response = ''.join(self.request.written)
self.assertIn('Invalid credentials', written_response)
self.assertFalse(self.resource.is_logged_in(self.request))
d.addCallback(assert_login_setup_service_for_user)
return d
@patch('pixelated.bitmask_libraries.session.LeapSessionFactory.create')
@patch('leap.auth.SRPAuth.authenticate')
@patch('pixelated.config.services.Services.setup')
def test_leap_session_is_not_created_when_leap_auth_fails(self, mock_service_setup, mock_leap_srp_auth, mock_leap_session_create):
mock_leap_srp_auth.side_effect = SRPAuthenticationError()
d = self.web.get(self.request)
def assert_login_setup_service_for_user(_):
verify(self.portal).login(ANY(), None, IResource)
self.assertFalse(mock_leap_session_create.called)
self.assertFalse(mock_service_setup.called)
self.assertEqual(401, self.request.responseCode)
self.assertFalse(self.resource.is_logged_in(self.request))
d.addCallback(assert_login_setup_service_for_user)
return d
@patch('twisted.web.util.redirectTo')
@patch('pixelated.resources.session.PixelatedSession.is_logged_in')
def test_should_not_process_login_if_already_logged_in(self, mock_logged_in, mock_redirect):
mock_logged_in.return_value = True
when(self.services_factory).is_logged_in(ANY()).thenReturn(True)
mock_redirect.return_value = "mocked redirection"
when(self.portal).login(ANY(), None, IResource).thenRaise(Exception())
d = self.web.get(self.request)
def assert_login_setup_service_for_user(_):
verifyZeroInteractions(self.portal)
mock_redirect.assert_called_once_with('/', self.request)
d.addCallback(assert_login_setup_service_for_user)
return d
def setUp(self):
self.services_factory = mock()
self.portal = mock()
self.resource = LoginResource(self.services_factory, self.portal)
self.web = DummySite(self.resource)
class TestLoginPOST(unittest.TestCase):
def setUp(self):
self.services_factory = mock()
self.portal = mock()
self.provider = mock()
self.resource = LoginResource(self.services_factory, self.portal)
self.web = DummySite(self.resource)
self.request = DummyRequest([''])
username = '******'
self.request.addArg('username', username)
password = '******'
self.username = username
self.password = password
self.request.addArg('password', password)
self.request.method = 'POST'
leap_session = mock(LeapSession)
user_auth = mock()
user_auth.uuid = 'some_user_uuid'
leap_session.user_auth = user_auth
config = mock()
config.leap_home = 'some_folder'
leap_session.config = config
leap_session.fresh_account = False
self.leap_session = leap_session
self.user_auth = user_auth
def mock_user_has_services_setup(self):
when(self.services_factory).is_logged_in('some_user_uuid').thenReturn(
True)
def test_login_responds_interstitial_and_add_corresponding_session_to_services_factory(
self):
irrelevant = None
when(self.portal).login(ANY(), None, IResource).thenReturn(
(irrelevant, self.leap_session, irrelevant))
when(self.services_factory).create_services_from(
self.leap_session).thenAnswer(self.mock_user_has_services_setup)
d = self.web.get(self.request)
def assert_login_setup_service_for_user(_):
verify(self.portal).login(ANY(), None, IResource)
verify(self.services_factory).create_services_from(
self.leap_session)
interstitial_js_in_template = '<script src="startup-assets/Interstitial.js"></script>'
self.assertIn(interstitial_js_in_template, self.request.written[0])
self.assertTrue(self.resource.is_logged_in(self.request))
d.addCallback(assert_login_setup_service_for_user)
return d
def test_login_does_not_reload_services_if_already_loaded(self):
irrelevant = None
when(self.portal).login(ANY(), None, IResource).thenReturn(
(irrelevant, self.leap_session, irrelevant))
when(self.services_factory).is_logged_in('some_user_uuid').thenReturn(
True)
d = self.web.get(self.request)
def assert_login_setup_service_for_user(_):
verify(self.portal).login(ANY(), None, IResource)
verify(self.services_factory).is_logged_in('some_user_uuid')
verifyNoMoreInteractions(self.services_factory)
interstitial_js_in_template = '<script src="startup-assets/Interstitial.js"></script>'
self.assertIn(interstitial_js_in_template, self.request.written[0])
self.assertTrue(self.resource.is_logged_in(self.request))
d.addCallback(assert_login_setup_service_for_user)
return d
def test_should_return_form_back_with_error_message_when_login_fails(self):
when(self.portal).login(ANY(), None, IResource).thenRaise(Exception())
d = self.web.get(self.request)
def assert_login_setup_service_for_user(_):
verify(self.portal).login(ANY(), None, IResource)
self.assertEqual(401, self.request.responseCode)
written_response = ''.join(self.request.written)
self.assertIn('Invalid credentials', written_response)
self.assertFalse(self.resource.is_logged_in(self.request))
d.addCallback(assert_login_setup_service_for_user)
return d
@patch('pixelated.bitmask_libraries.session.LeapSessionFactory.create')
@patch('leap.auth.SRPAuth.authenticate')
@patch('pixelated.config.services.Services.setup')
def test_leap_session_is_not_created_when_leap_auth_fails(
self, mock_service_setup, mock_leap_srp_auth,
mock_leap_session_create):
mock_leap_srp_auth.side_effect = SRPAuthenticationError()
d = self.web.get(self.request)
def assert_login_setup_service_for_user(_):
verify(self.portal).login(ANY(), None, IResource)
self.assertFalse(mock_leap_session_create.called)
self.assertFalse(mock_service_setup.called)
self.assertEqual(401, self.request.responseCode)
self.assertFalse(self.resource.is_logged_in(self.request))
d.addCallback(assert_login_setup_service_for_user)
return d
@patch('twisted.web.util.redirectTo')
@patch('pixelated.resources.session.PixelatedSession.is_logged_in')
def test_should_not_process_login_if_already_logged_in(
self, mock_logged_in, mock_redirect):
mock_logged_in.return_value = True
when(self.services_factory).is_logged_in(ANY()).thenReturn(True)
mock_redirect.return_value = "mocked redirection"
when(self.portal).login(ANY(), None, IResource).thenRaise(Exception())
d = self.web.get(self.request)
def assert_login_setup_service_for_user(_):
verifyZeroInteractions(self.portal)
mock_redirect.assert_called_once_with('/', self.request)
d.addCallback(assert_login_setup_service_for_user)
return d
class TestLoginPOST(unittest.TestCase):
def setUp(self):
self.services_factory = mock()
self.provider = mock()
self.resource = LoginResource(self.services_factory, self.provider)
self.web = DummySite(self.resource)
self.request = DummyRequest([''])
username = '******'
self.request.addArg('username', username)
password = '******'
self.username = username
self.password = password
self.request.addArg('password', password)
self.request.method = 'POST'
user_auth = mock()
user_auth.uuid = 'some_user_uuid'
self.user_auth = user_auth
@patch('pixelated.authentication.Authenticator.authenticate')
@patch('twisted.web.util.redirectTo')
@patch('pixelated.resources.session.PixelatedSession.is_logged_in')
def test_should_redirect_to_home_if_user_if_already_logged_in(self, mock_logged_in, mock_redirect, mock_authenticate):
mock_logged_in.return_value = True
when(self.services_factory).has_session(ANY()).thenReturn(True)
mock_redirect.return_value = "mocked redirection"
d = self.web.get(self.request)
def assert_redirected_to_home(_):
mock_redirect.assert_called_once_with('/', self.request)
self.assertFalse(mock_authenticate.called)
d.addCallback(assert_redirected_to_home)
return d
@patch('pixelated.config.leap.BootstrapUserServices.setup')
@patch('pixelated.authentication.Authenticator.authenticate')
def test_should_return_form_back_with_error_message_when_login_fails(self, mock_authenticate,
mock_user_bootstrap_setup):
mock_authenticate.side_effect = UnauthorizedLogin()
d = self.web.get(self.request)
def assert_error_response_and_user_services_not_setup(_):
mock_authenticate.assert_called_once_with(self.username, self.password)
self.assertEqual(401, self.request.responseCode)
written_response = ''.join(self.request.written)
self.assertIn('Invalid username or password', written_response)
self.assertFalse(mock_user_bootstrap_setup.called)
self.assertFalse(self.resource.get_session(self.request).is_logged_in())
d.addCallback(assert_error_response_and_user_services_not_setup)
return d
@patch('pixelated.config.leap.BootstrapUserServices.setup')
@patch('pixelated.authentication.Authenticator.authenticate')
def test_successful_login_responds_interstitial(self, mock_authenticate, mock_user_bootstrap_setup):
mock_authenticate.return_value = self.user_auth
d = self.web.get(self.request)
def assert_interstitial_in_response(_):
mock_authenticate.assert_called_once_with(self.username, self.password)
interstitial_js_in_template = '<script src="startup-assets/Interstitial.js"></script>'
self.assertIn(interstitial_js_in_template, self.request.written[0])
d.addCallback(assert_interstitial_in_response)
return d
@patch('pixelated.config.leap.BootstrapUserServices.setup')
@patch('pixelated.authentication.Authenticator.authenticate')
def test_successful_login_runs_user_services_bootstrap_when_interstitial_loaded(self, mock_authenticate, mock_user_bootstrap_setup):
mock_authenticate.return_value = self.user_auth
d = self.web.get(self.request)
def assert_login_setup_service_for_user(_):
mock_user_bootstrap_setup.assert_called_once_with(self.user_auth, self.password, 'pt-BR')
d.addCallback(assert_login_setup_service_for_user)
return d
@patch('pixelated.config.leap.BootstrapUserServices.setup')
@patch('pixelated.authentication.Authenticator.authenticate')
def test_successful_adds_cookies_to_indicat_logged_in_status_when_services_are_loaded(self, mock_authenticate, mock_user_bootstrap_setup):
mock_authenticate.return_value = self.user_auth
irrelevant = None
mock_user_bootstrap_setup.return_value = defer.succeed(irrelevant)
d = self.web.get(self.request)
def assert_login_setup_service_for_user(_):
self.assertTrue(self.resource.get_session(self.request).is_logged_in())
d.addCallback(assert_login_setup_service_for_user)
return d
class TestLoginPOST(unittest.TestCase):
def setUp(self):
self.services_factory = mock()
self.provider = mock()
self.authenticator = MagicMock()
self.resource = LoginResource(self.services_factory, self.provider, authenticator=self.authenticator)
self.web = DummySite(self.resource)
self.request = DummyRequest([''])
username = '******'
self.request.addArg('username', username)
password = '******'
self.username = username
self.password = password
self.request.addArg('password', password)
self.request.method = 'POST'
user_auth = mock()
user_auth.uuid = 'some_user_uuid'
self.user_auth = user_auth
@patch('twisted.web.util.redirectTo')
@patch('pixelated.resources.session.PixelatedSession.is_logged_in')
def test_should_redirect_to_home_if_user_if_already_logged_in(self, mock_logged_in, mock_redirect):
mock_logged_in.return_value = True
when(self.services_factory).has_session(ANY()).thenReturn(True)
mock_redirect.return_value = "mocked redirection"
d = self.web.get(self.request)
def assert_redirected_to_home(_):
mock_redirect.assert_called_once_with('/', self.request)
self.assertFalse(self.authenticator.authenticate.called)
d.addCallback(assert_redirected_to_home)
return d
@patch('pixelated.config.leap.BootstrapUserServices.setup')
@patch('twisted.web.util.redirectTo')
def test_should_redirect_to_login_with_error_flag_when_login_fails(self,
mock_redirect,
mock_user_bootstrap_setup):
self.authenticator.authenticate.side_effect = UnauthorizedLogin()
mock_redirect.return_value = "mocked redirection"
d = self.web.get(self.request)
def assert_redirected_to_login(_):
self.authenticator.authenticate.assert_called_once_with(self.username, self.password)
mock_redirect.assert_called_once_with('/login?auth-error', self.request)
self.assertFalse(mock_user_bootstrap_setup.called)
self.assertFalse(self.resource.get_session(self.request).is_logged_in())
d.addCallback(assert_redirected_to_login)
return d
@patch('pixelated.config.leap.BootstrapUserServices.setup')
def test_successful_login_responds_interstitial(self, mock_user_bootstrap_setup):
self.authenticator.authenticate.return_value = self.user_auth
d = self.web.get(self.request)
def assert_interstitial_in_response(_):
self.authenticator.authenticate.assert_called_once_with(self.username, self.password)
interstitial_js_in_template = '<script src="/public/interstitial.js"></script>'
self.assertIn(interstitial_js_in_template, self.request.written[0])
d.addCallback(assert_interstitial_in_response)
return d
@patch('pixelated.config.leap.BootstrapUserServices.setup')
def test_successful_login_runs_user_services_bootstrap_when_interstitial_loaded(self, mock_user_bootstrap_setup):
self.authenticator.authenticate.return_value = self.user_auth
d = self.web.get(self.request)
def assert_login_setup_service_for_user(_):
mock_user_bootstrap_setup.assert_called_once_with(self.user_auth, self.password, 'en-US')
d.addCallback(assert_login_setup_service_for_user)
return d
@patch('pixelated.config.leap.BootstrapUserServices.setup')
def test_successful_adds_cookies_to_indicate_logged_in_status_when_services_are_loaded(self, mock_user_bootstrap_setup):
self.authenticator.authenticate.return_value = self.user_auth
irrelevant = None
mock_user_bootstrap_setup.return_value = defer.succeed(irrelevant)
d = self.web.get(self.request)
def assert_login_setup_service_for_user(_):
self.assertTrue(self.resource.get_session(self.request).is_logged_in())
d.addCallback(assert_login_setup_service_for_user)
return d
@patch('pixelated.resources.session.PixelatedSession.login_started')
def test_session_adds_login_started_status_after_authentication(self, mock_login_started):
self.authenticator.authenticate.return_value = self.user_auth
d = self.web.get(self.request)
def assert_login_started_called(_):
mock_login_started.assert_called_once()
d.addCallback(assert_login_started_called)
return d
@patch('pixelated.resources.session.PixelatedSession.login_successful')
@patch('pixelated.config.leap.BootstrapUserServices.setup')
def test_session_adds_login_successful_status_when_services_setup_finishes(self, mock_user_bootstrap_setup, mock_login_successful):
self.authenticator.authenticate.return_value = self.user_auth
mock_user_bootstrap_setup.return_value = defer.succeed(None)
d = self.web.get(self.request)
def assert_login_successful_called(_):
mock_login_successful.assert_called_once()
d.addCallback(assert_login_successful_called)
return d
@patch('pixelated.resources.session.PixelatedSession.login_error')
@patch('pixelated.config.leap.BootstrapUserServices.setup')
def test_session_adds_login_error_status_when_services_setup_gets_error(self, mock_user_bootstrap_setup, mock_login_error):
self.authenticator.authenticate.return_value = self.user_auth
mock_user_bootstrap_setup.return_value = defer.fail(Exception('Could not setup user services'))
d = self.web.get(self.request)
def assert_login_error_called(_):
mock_login_error.assert_called_once()
d.addCallback(assert_login_error_called)
return d
