def test_identity_no_user(self, monkeypatch):
    """identity() returns None when the session's user id resolves to no user.

    The session helper reports a user id, but the user service's
    ``get_user`` returns None for it, so the policy must not produce an
    identity.  The request is still tagged as session-authenticated and a
    ``Vary: Cookie`` response callback is still registered.
    """
    session_uid = pretend.stub()
    helper = pretend.stub(
        authenticated_userid=pretend.call_recorder(lambda req: session_uid)
    )
    helper_factory = pretend.call_recorder(lambda: helper)
    monkeypatch.setattr(
        security_policy, "SessionAuthenticationHelper", helper_factory
    )

    policy = security_policy.SessionSecurityPolicy()

    vary_callback = pretend.stub()
    vary_factory = pretend.call_recorder(lambda *names: vary_callback)
    monkeypatch.setattr(security_policy, "add_vary_callback", vary_factory)

    # get_user() returning None models a lookup that finds no user.
    users = pretend.stub(get_user=pretend.call_recorder(lambda uid: None))
    request = pretend.stub(
        add_response_callback=pretend.call_recorder(lambda cb: None),
        matched_route=pretend.stub(name="a.permitted.route"),
        find_service=pretend.call_recorder(lambda iface, **kw: users),
    )

    # An unresolvable user id must never surface as an identity.
    assert policy.identity(request) is None
    assert request.authentication_method == AuthenticationMethod.SESSION

    assert helper.authenticated_userid.calls == [pretend.call(request)]
    assert helper_factory.calls == [pretend.call()]
    assert request.find_service.calls == [
        pretend.call(IUserService, context=None)
    ]
    assert users.get_user.calls == [pretend.call(session_uid)]

    # The response is marked as varying on the Cookie header, which keeps
    # shared caches from reusing a session-dependent response.
    assert vary_factory.calls == [pretend.call("Cookie")]
    assert request.add_response_callback.calls == [
        pretend.call(vary_callback)
    ]
def test_forget_and_remember(self, monkeypatch):
    """forget() and remember() delegate to the session authentication helper.

    Both calls must pass the request (and, for remember(), the user id)
    plus any keyword arguments straight through, and return whatever the
    helper returns.
    """
    request = pretend.stub()
    uid = pretend.stub()
    forget_result = pretend.stub()
    remember_result = pretend.stub()

    helper = pretend.stub(
        forget=pretend.call_recorder(lambda req, **kw: forget_result),
        remember=pretend.call_recorder(
            lambda req, user, **kw: remember_result
        ),
    )
    helper_factory = pretend.call_recorder(lambda: helper)
    monkeypatch.setattr(
        security_policy, "SessionAuthenticationHelper", helper_factory
    )

    policy = security_policy.SessionSecurityPolicy()
    # The helper is built exactly once, when the policy is constructed.
    assert helper_factory.calls == [pretend.call()]

    assert policy.forget(request, foo=None) == forget_result
    assert helper.forget.calls == [pretend.call(request, foo=None)]

    assert policy.remember(request, uid, foo=None) == remember_result
    assert helper.remember.calls == [pretend.call(request, uid, foo=None)]
def test_identity_password_outdated(self, monkeypatch):
    """identity() drops a session the session reports as password-outdated.

    The user exists, but ``session.password_outdated`` returns True for the
    user's password timestamp.  The policy must return no identity,
    invalidate the session and flash an error message.
    """
    session_uid = pretend.stub()
    helper = pretend.stub(
        authenticated_userid=pretend.call_recorder(lambda req: session_uid)
    )
    helper_factory = pretend.call_recorder(lambda: helper)
    monkeypatch.setattr(
        security_policy, "SessionAuthenticationHelper", helper_factory
    )

    policy = security_policy.SessionSecurityPolicy()

    vary_callback = pretend.stub()
    vary_factory = pretend.call_recorder(lambda *names: vary_callback)
    monkeypatch.setattr(security_policy, "add_vary_callback", vary_factory)

    found_user = pretend.stub()
    password_ts = pretend.stub()
    users = pretend.stub(
        get_user=pretend.call_recorder(lambda uid: found_user),
        get_password_timestamp=pretend.call_recorder(
            lambda uid: password_ts
        ),
    )
    # password_outdated() always answers True: the session is treated as
    # outdated relative to the password timestamp it is given.
    session = pretend.stub(
        password_outdated=pretend.call_recorder(lambda ts: True),
        invalidate=pretend.call_recorder(lambda: None),
        flash=pretend.call_recorder(lambda *a, **kw: None),
    )
    request = pretend.stub(
        add_response_callback=pretend.call_recorder(lambda cb: None),
        matched_route=pretend.stub(name="a.permitted.route"),
        find_service=pretend.call_recorder(lambda iface, **kw: users),
        session=session,
    )

    # Even though the user resolves, an outdated session yields no identity.
    assert policy.identity(request) is None
    assert request.authentication_method == AuthenticationMethod.SESSION

    assert helper.authenticated_userid.calls == [pretend.call(request)]
    assert helper_factory.calls == [pretend.call()]
    assert request.find_service.calls == [
        pretend.call(IUserService, context=None)
    ]
    assert users.get_user.calls == [pretend.call(session_uid)]
    assert request.session.password_outdated.calls == [
        pretend.call(password_ts)
    ]
    assert users.get_password_timestamp.calls == [pretend.call(session_uid)]

    # The session must be invalidated, not merely ignored for this request.
    assert request.session.invalidate.calls == [pretend.call()]
    assert request.session.flash.calls == [
        pretend.call("Session invalidated by password change", queue="error")
    ]

    assert vary_factory.calls == [pretend.call("Cookie")]
    assert request.add_response_callback.calls == [
        pretend.call(vary_callback)
    ]
def test_identity_invalid_route(self, monkeypatch):
    """identity() returns None on the ``forklift.legacy.file_upload`` route.

    The helper stub and the request stub carry no ``authenticated_userid``
    or ``find_service`` attribute, so an attempt by the policy to read the
    session user or look up a user service would raise AttributeError.
    The test therefore also shows that neither is touched on this route.
    """
    # Attribute-less stub: any access to the session helper fails loudly.
    helper = pretend.stub()
    helper_factory = pretend.call_recorder(lambda: helper)
    monkeypatch.setattr(
        security_policy, "SessionAuthenticationHelper", helper_factory
    )

    policy = security_policy.SessionSecurityPolicy()

    vary_callback = pretend.stub()
    vary_factory = pretend.call_recorder(lambda *names: vary_callback)
    monkeypatch.setattr(security_policy, "add_vary_callback", vary_factory)

    upload_route = pretend.stub(name="forklift.legacy.file_upload")
    request = pretend.stub(
        add_response_callback=pretend.call_recorder(lambda cb: None),
        matched_route=upload_route,
    )

    # No session identity is granted on this route.
    assert policy.identity(request) is None
    assert request.authentication_method == AuthenticationMethod.SESSION
    assert helper_factory.calls == [pretend.call()]

    # The Vary: Cookie callback is still registered on the rejected path.
    assert vary_factory.calls == [pretend.call("Cookie")]
    assert request.add_response_callback.calls == [
        pretend.call(vary_callback)
    ]
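def test_noops(self):
    """authenticated_userid() and permits() return the NotImplemented sentinel.

    The session policy does not answer these two questions itself; the test
    pins that both methods hand back ``NotImplemented`` rather than a user
    id or an authorization decision.
    """
    policy = security_policy.SessionSecurityPolicy()

    # Compare by identity: NotImplemented is a singleton, and ``==`` could be
    # satisfied by any returned object with a permissive ``__eq__``.
    assert policy.authenticated_userid(pretend.stub()) is NotImplemented

    # NOTE(review): NotImplemented is not a denial. It evaluated as truthy in
    # a boolean context on Python before 3.14 (deprecated since 3.9), so
    # confirm callers never use this return value directly as a decision.
    assert (
        policy.permits(pretend.stub(), pretend.stub(), pretend.stub())
        is NotImplemented
    )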