arcanis/ahriman
1
0
Fork 0
mirror of https://github.com/arcan1s/ahriman.git synced 2025-07-23 10:49:55 +00:00
Code Issues Projects Releases Wiki Activity

expiration on server side support (#33)

Browse Source
This commit is contained in:
Evgenii Alekseev
2021-09-13 01:10:09 +03:00
committed by Evgeniy Alekseev
parent d211cc17c6
commit 6f5b28c4f8
8 changed files with 197 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
tests/ahriman/web/middlewares/test_auth_handler.py
View File

@ -7,15 +7,26 @@ from unittest.mock import AsyncMock
from ahriman.core.auth.auth import Auth
from ahriman.models.user import User
from ahriman.models.user_access import UserAccess
from ahriman.models.user_identity import UserIdentity
from ahriman.web.middlewares.auth_handler import auth_handler, AuthorizationPolicy, setup_auth
def _identity(username: str) -> str:
"""
generate identity from user
:param user: user fixture object
:return: user identity string
"""
return f"{username} {UserIdentity.expire_when(60)}"
async def test_authorized_userid(authorization_policy: AuthorizationPolicy, user: User) -> None:
"""
must return authorized user id
"""
assert await authorization_policy.authorized_userid(user.username) == user.username
assert await authorization_policy.authorized_userid("some random name") is None
assert await authorization_policy.authorized_userid(_identity(user.username)) == user.username
assert await authorization_policy.authorized_userid(_identity("somerandomname")) is None
assert await authorization_policy.authorized_userid("somerandomname") is None
async def test_permits(authorization_policy: AuthorizationPolicy, user: User) -> None:
@ -23,11 +34,14 @@ async def test_permits(authorization_policy: AuthorizationPolicy, user: User) ->
must call validator check
"""
authorization_policy.validator = AsyncMock()
authorization_policy.validator.verify_access.return_value = True
authorization_policy.validator.verify_access.side_effect = lambda username, *args: username == user.username
assert await authorization_policy.permits(user.username, user.access, "/endpoint")
assert await authorization_policy.permits(_identity(user.username), user.access, "/endpoint")
authorization_policy.validator.verify_access.assert_called_with(user.username, user.access, "/endpoint")
assert not await authorization_policy.permits(_identity("somerandomname"), user.access, "/endpoint")
assert not await authorization_policy.permits(user.username, user.access, "/endpoint")
async def test_auth_handler_api(auth: Auth, mocker: MockerFixture) -> None:
"""

4
tests/ahriman/web/views/user/test_views_user_login.py
View File

@ -45,7 +45,8 @@ async def test_get(client_with_auth: TestClient, mocker: MockerFixture) -> None:
oauth = client_with_auth.app["validator"] = MagicMock(spec=OAuth)
oauth.get_oauth_username.return_value = "user"
oauth.known_username.return_value = True
oauth.enabled = False # lol
oauth.enabled = False # lol\
oauth.max_age = 60
remember_mock = mocker.patch("aiohttp_security.remember")
get_response = await client_with_auth.get("/user-api/v1/login", params={"code": "code"})
@ -62,6 +63,7 @@ async def test_get_unauthorized(client_with_auth: TestClient, mocker: MockerFixt
"""
oauth = client_with_auth.app["validator"] = MagicMock(spec=OAuth)
oauth.known_username.return_value = False
oauth.max_age = 60
remember_mock = mocker.patch("aiohttp_security.remember")
get_response = await client_with_auth.get("/user-api/v1/login", params={"code": "code"})