def test_05_multiple_entries(self):
# two consistent entries
now = datetime.now()
UserCache("hans1", "hans1", "resolver1", "uid1",
now - timedelta(seconds=60)).save()
UserCache("hans1", "hans1", "resolver1", "uid1", now).save()
r = UserCache.query.filter(UserCache.username == "hans1",
UserCache.resolver == "resolver1")
self.assertEquals(r.count(), 2)
u_name = get_username("uid1", "resolver1")
self.assertEqual(u_name, "hans1")
r = delete_user_cache()
# two inconsistent entries: most recent entry (ordered by datetime) wins
UserCache("hans2", "hans2", "resolver1", "uid1", now).save()
UserCache("hans1", "hans1", "resolver1", "uid1",
now - timedelta(seconds=60)).save()
r = UserCache.query.filter(UserCache.user_id == "uid1",
UserCache.resolver == "resolver1")
self.assertEquals(r.count(), 2)
u_name = get_username("uid1", "resolver1")
self.assertEqual(u_name, "hans2")
# Clean up the cache
r = delete_user_cache()
def test_23_usercache(self):
username = "******"
resolver = "resolver1"
user_id = 1
timestamp = datetime.now()
# create a user in the cache
cached_user = UserCache(username, resolver, user_id, timestamp)
self.assertTrue(cached_user)
cached_user.save()
# search a user in the cache
find_user = UserCache.query.filter(UserCache.username ==
username).first()
self.assertTrue(find_user)
self.assertEqual(find_user.user_id, str(user_id))
self.assertEqual(find_user.resolver, resolver)
self.assertEqual(find_user.timestamp, timestamp) # TODO: Sensible, or might we have a small loss of precision?
# delete the user from the cache
r = find_user.delete()
self.assertTrue(r)
find_user = UserCache.query.filter(UserCache.username ==
username).first()
self.assertFalse(find_user)
def test_23_usercache(self):
username = "******"
resolver = "resolver1"
user_id = 1
timestamp = datetime.now()
# create a user in the cache
cached_user = UserCache(username, resolver, user_id, timestamp)
self.assertTrue(cached_user)
cached_user.save()
# search a user in the cache
find_user = UserCache.query.filter(
UserCache.username == username).first()
self.assertTrue(find_user)
self.assertEqual(find_user.user_id, str(user_id))
self.assertEqual(find_user.resolver, resolver)
self.assertEqual(
find_user.timestamp, timestamp
) # TODO: Sensible, or might we have a small loss of precision?
# delete the user from the cache
r = find_user.delete()
self.assertTrue(r)
find_user = UserCache.query.filter(
UserCache.username == username).first()
self.assertFalse(find_user)
def _populate_cache(self):
self.assertEquals(UserCache.query.count(), 0)
# initially populate the cache with three entries
timestamp = datetime.now()
UserCache("hans1", "hans1", self.resolvername1, "uid1", timestamp).save()
UserCache("hans2", "hans2", self.resolvername1, "uid2", timestamp - timedelta(weeks=50)).save()
UserCache("hans3", "hans3", "resolver2", "uid2", timestamp).save()
self.assertEquals(UserCache.query.count(), 3)
def add_to_cache(username, resolver, user_id):
"""
Add the given record to the user cache, if it is enabled.
The user cache is considered disabled if the config option
EXPIRATION_SECONDS is set to 0.
:param username: login name of the user
:param resolver: resolver name of the user
:param user_id: ID of the user in its resolver
"""
if is_cache_enabled():
timestamp = datetime.datetime.now()
record = UserCache(username, resolver, user_id, timestamp)
log.debug('Adding record to cache: ({!r}, {!r}, {!r}, {!r})'.format(
username, resolver, user_id, timestamp))
record.save()
def add_to_cache(username, resolver, user_id):
"""
Add the given record to the user cache, if it is enabled.
The user cache is considered disabled if the config option
EXPIRATION_SECONDS is set to 0.
:param username: login name of the user
:param resolver: resolver name of the user
:param user_id: ID of the user in its resolver
"""
if is_cache_enabled():
timestamp = datetime.datetime.now()
record = UserCache(username, resolver, user_id, timestamp)
log.debug('Adding record to cache: ({!r}, {!r}, {!r}, {!r})'.format(
username, resolver, user_id, timestamp))
record.save()
def test_06_implicit_cache_population(self):
self._create_realm()
# testing `get_username`
self.assertEquals(UserCache.query.count(), 0)
# the cache is empty, so the username is read from the resolver
u_name = get_username(self.uid, self.resolvername1)
self.assertEqual(self.username, u_name)
# it should be part of the cache now
r = UserCache.query.filter(
UserCache.user_id == self.uid,
UserCache.resolver == self.resolvername1).one()
self.assertEqual(self.username, r.username)
# Apart from that, the cache should be empty.
self.assertEqual(UserCache.query.count(), 1)
r = delete_user_cache()
# testing `User()`, but this time we add an already-expired entry to the cache
self.assertEquals(UserCache.query.count(), 0)
UserCache(self.username, self.username, self.resolvername1, 'fake_uid',
datetime.now() - timedelta(weeks=50)).save()
# cache contains an expired entry, uid is read from the resolver (we can verify
# that the cache entry is indeed not queried as it contains 'fake_uid' instead of the correct uid)
user = User(self.username, self.realm1, self.resolvername1)
self.assertEqual(user.uid, self.uid)
# a new entry should have been added to the cache now
r = retrieve_latest_entry((UserCache.username == self.username)
& (UserCache.resolver == self.resolvername1))
self.assertEqual(self.uid, r.user_id)
# But the expired entry is also still in the cache
self.assertEqual(UserCache.query.count(), 2)
r = delete_user_cache()
self._delete_realm()
def test_11_cache_expiration(self):
# delete user_cache
r = delete_user_cache()
self.assertTrue(r >= 0)
# populate the cache with artificial, somewhat "old", but still relevant data
timestamp = datetime.now() - timedelta(seconds=300)
UserCache("hans1", "hans1", "resolver1", "uid1", timestamp).save()
UserCache("hans2", "hans2", "resolver1", "uid2", timestamp).save()
# check that the cache is indeed queried
self.assertEqual(get_username("uid1", "resolver1"), "hans1")
self.assertEqual(User("hans2", "realm1", "resolver1").uid, "uid2")
# check that the (non-existent) resolver is queried
# for entries not contained in the cache
self.assertEqual(get_username("uid3", "resolver1"), "")
# TODO: Interestingly, if we mock `datetime` here to increase the time by one
# day, this test works, but a subsequent test (test_ui_certificate) will fail
# with weird error messages. So we do not use the datetime mock for now.
#with self._patch_datetime_now('privacyidea.lib.usercache.datetime.datetime') as mock_datetime:
with patch('privacyidea.lib.usercache.get_cache_time'
) as mock_get_cache_time:
# Instead, we just decrease the cache time from 600 to 60 seconds,
# which causes the entries above to be considered expired
mock_get_cache_time.return_value = timedelta(seconds=60)
# check that the cached entries are not queried anymore
self.assertEqual(UserCache.query.count(), 2)
self.assertEqual(get_username("uid1", "resolver1"), "")
with self.assertRaises(UserError):
User("hans2", "realm1", "resolver1")
self.assertEqual(get_username("uid3", "resolver1"), "")
# We add another, "current" entry
UserCache("hans4", "hans4", "resolver1", "uid4",
datetime.now()).save()
self.assertEqual(UserCache.query.count(), 3)
# we now remove old entries, only the newest remains
delete_user_cache(expired=True)
self.assertEqual(UserCache.query.count(), 1)
self.assertEqual(UserCache.query.one().user_id, "uid4")
# clean up
delete_user_cache()
def test_23_usercache(self):
username = "******"
resolver = "resolver1"
user_id = 1
# we don't need a timestamp with microseconds here, the MySQL DATETIME
# type doesn't support it out of the box anyway
timestamp = datetime.now().replace(microsecond=0)
# create a user in the cache
cached_user = UserCache(username, username, resolver, user_id,
timestamp)
self.assertTrue(cached_user)
cached_user.save()
# search a user in the cache
find_user = UserCache.query.filter(
UserCache.username == username).first()
self.assertTrue(find_user)
self.assertEqual(find_user.user_id, str(user_id))
self.assertEqual(find_user.resolver, resolver)
self.assertEqual(
find_user.timestamp, timestamp
) # TODO: Sensible, or might we have a small loss of precision?
# search the user by his used_login
# search a user in the cache
find_user = UserCache.query.filter(
UserCache.used_login == username).first()
self.assertTrue(find_user)
self.assertEqual(find_user.user_id, str(user_id))
self.assertEqual(find_user.resolver, resolver)
# delete the user from the cache
r = find_user.delete()
self.assertTrue(r)
find_user = UserCache.query.filter(
UserCache.username == username).first()
self.assertFalse(find_user)
def test_04_delete_cache(self):
now = datetime.now()
UserCache("hans1", "hans1", "resolver1", "uid1", now).save()
UserCache("hans2", "hans1", "resolver2", "uid2", now).save()
r = UserCache.query.filter(UserCache.username == "hans1").first()
self.assertTrue(r)
r = UserCache.query.filter(UserCache.username == "hans2").first()
self.assertTrue(r)
# delete hans1
delete_user_cache(username="******")
r = UserCache.query.filter(UserCache.username == "hans1").first()
self.assertFalse(r)
r = UserCache.query.filter(UserCache.username == "hans2").first()
self.assertTrue(r)
# delete resolver2
delete_user_cache(resolver="resolver2")
r = UserCache.query.filter(UserCache.username == "hans1").first()
self.assertFalse(r)
r = UserCache.query.filter(UserCache.username == "hans2").first()
self.assertFalse(r)
def test_03_get_identifiers(self):
# create realm
self._create_realm()
# delete user_cache
r = delete_user_cache()
self.assertTrue(r >= 0)
# The username is not in the cache. It is fetched from the resolver
# At the same time the cache is filled. Implicitly we test the
# _get_resolvers!
user = User(self.username, self.realm1, self.resolvername1)
uids = user.get_user_identifiers()
self.assertEqual(user.login, self.username)
self.assertEqual(user.uid, self.uid)
# Now, the cache should have exactly one entry
entry = UserCache.query.one()
self.assertEqual(entry.user_id, self.uid)
self.assertEqual(entry.username, self.username)
self.assertEqual(entry.resolver, self.resolvername1)
ts = entry.timestamp
# delete the resolver, which also purges the cache
self._delete_realm()
# manually re-add the entry from above
UserCache(self.username, self.username, self.resolvername1, self.uid,
ts).save()
# the username is fetched from the cache
u_name = get_username(self.uid, self.resolvername1)
self.assertEqual(u_name, self.username)
# The `User` class also fetches the UID from the cache
user2 = User(self.username, self.realm1, self.resolvername1)
self.assertEqual(user2.uid, self.uid)
# delete the cache
r = delete_user_cache()
# try to fetch the username. It is not in the cache and the
# resolver does not exist anymore.
u_name = get_username(self.uid, self.resolvername1)
self.assertEqual(u_name, "")
# similar case for the `User` class
# The `User` class also tries to fetch the UID from the cache
with self.assertRaises(UserError):
user3 = User(self.username, self.realm1, self.resolvername1)
def test_01_get_username_from_cache(self):
# If a username is already contained in the cache, the function
# lib.user.get_username will return the cache value
username = "******"
resolver = "resolver1"
uid = "1"
expiration_delta = get_cache_time()
r = UserCache(username, username, resolver, uid, datetime.now()).save()
u_name = get_username(uid, resolver)
self.assertEqual(u_name, username)
# A non-existing user is not in the cache and returns and empty username
u_name = get_username(uid, "resolver_does_not_exist")
self.assertEqual(u_name, "")
def test_02_get_resolvers(self):
# enable user cache
set_privacyidea_config(EXPIRATION_SECONDS, 600)
# create realm
self._create_realm()
# delete user_cache
r = delete_user_cache()
self.assertTrue(r >= 0)
# The username is not in the cache. It is fetched from the resolver
# At the same time the cache is filled.
user = User(self.username, self.realm1)
self.assertEqual(user.login, self.username)
# The user ID is fetched from the resolver
self.assertEqual(user.uid, self.uid)
# Now, the cache should have exactly one entry
entry = UserCache.query.one()
self.assertEqual(entry.user_id, self.uid)
self.assertEqual(entry.username, self.username)
self.assertEqual(entry.resolver, self.resolvername1)
ts = entry.timestamp
# delete the resolver, which also purges the cache
self._delete_realm()
# manually re-add the entry from above
UserCache(self.username, self.username, self.resolvername1, self.uid,
ts).save()
# the username is fetched from the cache
u_name = get_username(self.uid, self.resolvername1)
self.assertEqual(u_name, self.username)
# delete the cache
r = delete_user_cache()
# try to fetch the username. It is not in the cache and the
# resolver does not exist anymore.
u_name = get_username(self.uid, self.resolvername1)
self.assertEqual(u_name, "")
