mirror of
https://github.com/arcan1s/ahriman.git
synced 2025-07-23 10:49:55 +00:00
add tests
This commit is contained in:
132
tests/ahriman/application/handlers/test_handler_create_user.py
Normal file
132
tests/ahriman/application/handlers/test_handler_create_user.py
Normal file
@ -0,0 +1,132 @@
|
||||
import argparse
|
||||
import pytest
|
||||
|
||||
from pathlib import Path
|
||||
from pytest_mock import MockerFixture
|
||||
from unittest import mock
|
||||
|
||||
from ahriman.application.handlers import CreateUser
|
||||
from ahriman.core.configuration import Configuration
|
||||
from ahriman.models.user import User
|
||||
from ahriman.models.user_access import UserAccess
|
||||
|
||||
|
||||
def _default_args(args: argparse.Namespace) -> argparse.Namespace:
|
||||
"""
|
||||
default arguments for these test cases
|
||||
:param args: command line arguments fixture
|
||||
:return: generated arguments for these test cases
|
||||
"""
|
||||
args.username = "user"
|
||||
args.password = "pa55w0rd"
|
||||
args.role = UserAccess.Status
|
||||
return args
|
||||
|
||||
|
||||
def test_run(args: argparse.Namespace, configuration: Configuration, mocker: MockerFixture) -> None:
|
||||
"""
|
||||
must run command
|
||||
"""
|
||||
args = _default_args(args)
|
||||
create_configuration_mock = mocker.patch("ahriman.application.handlers.CreateUser.create_configuration")
|
||||
create_user = mocker.patch("ahriman.application.handlers.CreateUser.create_user")
|
||||
get_salt_mock = mocker.patch("ahriman.application.handlers.CreateUser.get_salt")
|
||||
|
||||
CreateUser.run(args, "x86_64", configuration)
|
||||
create_configuration_mock.assert_called_once()
|
||||
create_user.assert_called_once()
|
||||
get_salt_mock.assert_called_once()
|
||||
|
||||
|
||||
def test_create_configuration(user: User, mocker: MockerFixture) -> None:
|
||||
"""
|
||||
must correctly create configuration file
|
||||
"""
|
||||
section = Configuration.section_name("auth", user.access.value)
|
||||
|
||||
mocker.patch("pathlib.Path.open")
|
||||
add_section_mock = mocker.patch("configparser.RawConfigParser.add_section")
|
||||
set_mock = mocker.patch("configparser.RawConfigParser.set")
|
||||
write_mock = mocker.patch("configparser.RawConfigParser.write")
|
||||
|
||||
CreateUser.create_configuration(user, "salt", Path("path"))
|
||||
write_mock.assert_called_once()
|
||||
add_section_mock.assert_has_calls([mock.call("auth"), mock.call(section)])
|
||||
set_mock.assert_has_calls([
|
||||
mock.call("auth", "salt", pytest.helpers.anyvar(str)),
|
||||
mock.call(section, user.username, user.password)
|
||||
])
|
||||
|
||||
|
||||
def test_create_configuration_user_exists(configuration: Configuration, user: User, mocker: MockerFixture) -> None:
|
||||
"""
|
||||
must correctly update configuration file if user already exists
|
||||
"""
|
||||
section = Configuration.section_name("auth", user.access.value)
|
||||
configuration.add_section(section)
|
||||
configuration.set(section, user.username, "")
|
||||
|
||||
mocker.patch("pathlib.Path.open")
|
||||
mocker.patch("configparser.ConfigParser", return_value=configuration)
|
||||
mocker.patch("configparser.RawConfigParser.write")
|
||||
add_section_mock = mocker.patch("configparser.RawConfigParser.add_section")
|
||||
|
||||
CreateUser.create_configuration(user, "salt", Path("path"))
|
||||
add_section_mock.assert_not_called()
|
||||
assert configuration.get(section, user.username) == user.password
|
||||
|
||||
|
||||
def test_create_configuration_file_exists(user: User, mocker: MockerFixture) -> None:
|
||||
"""
|
||||
must correctly update configuration file if file already exists
|
||||
"""
|
||||
mocker.patch("pathlib.Path.open")
|
||||
mocker.patch("pathlib.Path.is_file", return_value=True)
|
||||
mocker.patch("configparser.RawConfigParser.write")
|
||||
read_mock = mocker.patch("configparser.RawConfigParser.read")
|
||||
|
||||
CreateUser.create_configuration(user, "salt", Path("path"))
|
||||
read_mock.assert_called_once()
|
||||
|
||||
|
||||
def test_create_user(args: argparse.Namespace, user: User) -> None:
|
||||
"""
|
||||
must create user
|
||||
"""
|
||||
args = _default_args(args)
|
||||
generated = CreateUser.create_user(args, "salt")
|
||||
assert generated.username == user.username
|
||||
assert generated.check_credentials(user.password, "salt")
|
||||
assert generated.access == user.access
|
||||
|
||||
|
||||
def test_create_user_getpass(args: argparse.Namespace, mocker: MockerFixture) -> None:
|
||||
"""
|
||||
must create user and get password from command line
|
||||
"""
|
||||
args = _default_args(args)
|
||||
args.password = None
|
||||
|
||||
getpass_mock = mocker.patch("getpass.getpass", return_value="password")
|
||||
generated = CreateUser.create_user(args, "salt")
|
||||
|
||||
getpass_mock.assert_called_once()
|
||||
assert generated.check_credentials("password", "salt")
|
||||
|
||||
|
||||
def test_get_salt_read(configuration: Configuration) -> None:
|
||||
"""
|
||||
must read salt from configuration
|
||||
"""
|
||||
assert CreateUser.get_salt(configuration) == "salt"
|
||||
|
||||
|
||||
def test_get_salt_generate(configuration: Configuration) -> None:
|
||||
"""
|
||||
must generate salt if it does not exist
|
||||
"""
|
||||
configuration.remove_option("auth", "salt")
|
||||
|
||||
salt = CreateUser.get_salt(configuration, 16)
|
||||
assert salt
|
||||
assert len(salt) == 16
|
@ -6,6 +6,7 @@ from pytest_mock import MockerFixture
|
||||
from ahriman.application.handlers import Handler
|
||||
from ahriman.models.build_status import BuildStatusEnum
|
||||
from ahriman.models.sign_settings import SignSettings
|
||||
from ahriman.models.user_access import UserAccess
|
||||
|
||||
|
||||
def test_parser(parser: argparse.ArgumentParser) -> None:
|
||||
@ -83,6 +84,28 @@ def test_subparsers_config(parser: argparse.ArgumentParser) -> None:
|
||||
assert args.unsafe
|
||||
|
||||
|
||||
def test_subparsers_create_user(parser: argparse.ArgumentParser) -> None:
|
||||
"""
|
||||
create-user command must imply architecture, lock, no-log, no-report and unsafe
|
||||
"""
|
||||
args = parser.parse_args(["create-user", "username"])
|
||||
assert args.architecture == [""]
|
||||
assert args.lock is None
|
||||
assert args.no_log
|
||||
assert args.no_report
|
||||
assert args.unsafe
|
||||
|
||||
|
||||
def test_subparsers_create_user_option_role(parser: argparse.ArgumentParser) -> None:
|
||||
"""
|
||||
create-user command must convert role option to useraccess instance
|
||||
"""
|
||||
args = parser.parse_args(["create-user", "username"])
|
||||
assert isinstance(args.role, UserAccess)
|
||||
args = parser.parse_args(["create-user", "username", "--role", "write"])
|
||||
assert isinstance(args.role, UserAccess)
|
||||
|
||||
|
||||
def test_subparsers_init(parser: argparse.ArgumentParser) -> None:
|
||||
"""
|
||||
init command must imply no_report
|
||||
|
@ -11,7 +11,8 @@ from ahriman.core.status.watcher import Watcher
|
||||
from ahriman.models.package import Package
|
||||
from ahriman.models.package_description import PackageDescription
|
||||
from ahriman.models.repository_paths import RepositoryPaths
|
||||
|
||||
from ahriman.models.user import User
|
||||
from ahriman.models.user_access import UserAccess
|
||||
|
||||
T = TypeVar("T")
|
||||
|
||||
@ -158,6 +159,15 @@ def repository_paths(configuration: Configuration) -> RepositoryPaths:
|
||||
root=configuration.getpath("repository", "root"))
|
||||
|
||||
|
||||
@pytest.fixture
|
||||
def user() -> User:
|
||||
"""
|
||||
fixture for user descriptor
|
||||
:return: user descriptor instance
|
||||
"""
|
||||
return User("user", "pa55w0rd", UserAccess.Status)
|
||||
|
||||
|
||||
@pytest.fixture
|
||||
def watcher(configuration: Configuration, mocker: MockerFixture) -> Watcher:
|
||||
"""
|
||||
|
@ -2,6 +2,7 @@ import pytest
|
||||
|
||||
from ahriman.core.alpm.pacman import Pacman
|
||||
from ahriman.core.alpm.repo import Repo
|
||||
from ahriman.core.auth import Auth
|
||||
from ahriman.core.build_tools.task import Task
|
||||
from ahriman.core.configuration import Configuration
|
||||
from ahriman.core.tree import Leaf
|
||||
@ -29,6 +30,15 @@ def leaf_python_schedule(package_python_schedule: Package) -> Leaf:
|
||||
return Leaf(package_python_schedule, set())
|
||||
|
||||
|
||||
@pytest.fixture
|
||||
def auth(configuration: Configuration) -> Auth:
|
||||
"""
|
||||
auth provider fixture
|
||||
:return: auth service instance
|
||||
"""
|
||||
return Auth(configuration)
|
||||
|
||||
|
||||
@pytest.fixture
|
||||
def pacman(configuration: Configuration) -> Pacman:
|
||||
"""
|
||||
|
@ -17,13 +17,21 @@ def test_load_dummy_client(configuration: Configuration) -> None:
|
||||
|
||||
def test_load_full_client(configuration: Configuration) -> None:
|
||||
"""
|
||||
must load full client if no settings set
|
||||
must load full client if settings set
|
||||
"""
|
||||
configuration.set("web", "host", "localhost")
|
||||
configuration.set("web", "port", "8080")
|
||||
assert isinstance(Client.load(configuration), WebClient)
|
||||
|
||||
|
||||
def test_load_full_client_from_address(configuration: Configuration) -> None:
|
||||
"""
|
||||
must load full client if settings set
|
||||
"""
|
||||
configuration.set("web", "address", "http://localhost:8080")
|
||||
assert isinstance(Client.load(configuration), WebClient)
|
||||
|
||||
|
||||
def test_add(client: Client, package_ahriman: Package) -> None:
|
||||
"""
|
||||
must process package addition without errors
|
||||
|
@ -5,10 +5,12 @@ import requests
|
||||
from pytest_mock import MockerFixture
|
||||
from requests import Response
|
||||
|
||||
from ahriman.core.configuration import Configuration
|
||||
from ahriman.core.status.web_client import WebClient
|
||||
from ahriman.models.build_status import BuildStatus, BuildStatusEnum
|
||||
from ahriman.models.internal_status import InternalStatus
|
||||
from ahriman.models.package import Package
|
||||
from ahriman.models.user import User
|
||||
|
||||
|
||||
def test_ahriman_url(web_client: WebClient) -> None:
|
||||
@ -27,6 +29,60 @@ def test_status_url(web_client: WebClient) -> None:
|
||||
assert web_client._status_url.endswith("/api/v1/status")
|
||||
|
||||
|
||||
def test_parse_address(configuration: Configuration) -> None:
|
||||
"""
|
||||
must extract address correctly
|
||||
"""
|
||||
configuration.set("web", "host", "localhost")
|
||||
configuration.set("web", "port", "8080")
|
||||
assert WebClient.parse_address(configuration) == "http://localhost:8080"
|
||||
|
||||
configuration.set("web", "address", "http://localhost:8081")
|
||||
assert WebClient.parse_address(configuration) == "http://localhost:8081"
|
||||
|
||||
|
||||
def test_login(web_client: WebClient, user: User, mocker: MockerFixture) -> None:
|
||||
"""
|
||||
must login user
|
||||
"""
|
||||
web_client.user = user
|
||||
requests_mock = mocker.patch("requests.Session.post")
|
||||
payload = {
|
||||
"username": user.username,
|
||||
"password": user.password
|
||||
}
|
||||
|
||||
web_client._login()
|
||||
requests_mock.assert_called_with(pytest.helpers.anyvar(str, True), json=payload)
|
||||
|
||||
|
||||
def test_login_failed(web_client: WebClient, user: User, mocker: MockerFixture) -> None:
|
||||
"""
|
||||
must suppress any exception happened during login
|
||||
"""
|
||||
web_client.user = user
|
||||
mocker.patch("requests.Session.post", side_effect=Exception())
|
||||
web_client._login()
|
||||
|
||||
|
||||
def test_login_failed_http_error(web_client: WebClient, user: User, mocker: MockerFixture) -> None:
|
||||
"""
|
||||
must suppress any exception happened during login
|
||||
"""
|
||||
web_client.user = user
|
||||
mocker.patch("requests.Session.post", side_effect=requests.exceptions.HTTPError())
|
||||
web_client._login()
|
||||
|
||||
|
||||
def test_login_skip(web_client: WebClient, mocker: MockerFixture) -> None:
|
||||
"""
|
||||
must skip login if no user set
|
||||
"""
|
||||
requests_mock = mocker.patch("requests.Session.post")
|
||||
web_client._login()
|
||||
requests_mock.assert_not_called()
|
||||
|
||||
|
||||
def test_package_url(web_client: WebClient, package_ahriman: Package) -> None:
|
||||
"""
|
||||
must generate package status correctly
|
||||
|
83
tests/ahriman/core/test_auth.py
Normal file
83
tests/ahriman/core/test_auth.py
Normal file
@ -0,0 +1,83 @@
|
||||
from ahriman.core.auth import Auth
|
||||
from ahriman.core.configuration import Configuration
|
||||
from ahriman.models.user import User
|
||||
from ahriman.models.user_access import UserAccess
|
||||
|
||||
|
||||
def test_get_users(auth: Auth, configuration: Configuration) -> None:
|
||||
"""
|
||||
must return valid user list
|
||||
"""
|
||||
user_write = User("user_write", "pwd_write", UserAccess.Write)
|
||||
write_section = Configuration.section_name("auth", user_write.access.value)
|
||||
configuration.add_section(write_section)
|
||||
configuration.set(write_section, user_write.username, user_write.password)
|
||||
user_read = User("user_read", "pwd_read", UserAccess.Read)
|
||||
read_section = Configuration.section_name("auth", user_read.access.value)
|
||||
configuration.add_section(read_section)
|
||||
configuration.set(read_section, user_read.username, user_read.password)
|
||||
|
||||
users = auth.get_users(configuration)
|
||||
expected = {user_write.username: user_write, user_read.username: user_read}
|
||||
assert users == expected
|
||||
|
||||
|
||||
def test_check_credentials(auth: Auth, user: User) -> None:
|
||||
"""
|
||||
must return true for valid credentials
|
||||
"""
|
||||
current_password = user.password
|
||||
user.password = user.generate_password(user.password, auth.salt)
|
||||
auth.users[user.username] = user
|
||||
assert auth.check_credentials(user.username, current_password)
|
||||
assert not auth.check_credentials(user.username, user.password) # here password is hashed so it is invalid
|
||||
|
||||
|
||||
def test_check_credentials_empty(auth: Auth) -> None:
|
||||
"""
|
||||
must reject on empty credentials
|
||||
"""
|
||||
assert not auth.check_credentials(None, "")
|
||||
assert not auth.check_credentials("", None)
|
||||
assert not auth.check_credentials(None, None)
|
||||
|
||||
|
||||
def test_check_credentials_unknown(auth: Auth, user: User) -> None:
|
||||
"""
|
||||
must reject on unknown user
|
||||
"""
|
||||
assert not auth.check_credentials(user.username, user.password)
|
||||
|
||||
|
||||
def test_is_safe_request(auth: Auth) -> None:
|
||||
"""
|
||||
must validate safe request
|
||||
"""
|
||||
# login and logout are always safe
|
||||
assert auth.is_safe_request("/login")
|
||||
assert auth.is_safe_request("/logout")
|
||||
|
||||
auth.allowed_paths.add("/safe")
|
||||
auth.allowed_paths_groups.add("/unsafe/safe")
|
||||
|
||||
assert auth.is_safe_request("/safe")
|
||||
assert not auth.is_safe_request("/unsafe")
|
||||
assert auth.is_safe_request("/unsafe/safe")
|
||||
assert auth.is_safe_request("/unsafe/safe/suffix")
|
||||
|
||||
|
||||
def test_is_safe_request_empty(auth: Auth) -> None:
|
||||
"""
|
||||
must not allow requests without path
|
||||
"""
|
||||
assert not auth.is_safe_request(None)
|
||||
assert not auth.is_safe_request("")
|
||||
|
||||
|
||||
def test_verify_access(auth: Auth, user: User) -> None:
|
||||
"""
|
||||
must verify user access
|
||||
"""
|
||||
auth.users[user.username] = user
|
||||
assert auth.verify_access(user.username, user.access)
|
||||
assert not auth.verify_access(user.username, UserAccess.Write)
|
62
tests/ahriman/models/test_user.py
Normal file
62
tests/ahriman/models/test_user.py
Normal file
@ -0,0 +1,62 @@
|
||||
from ahriman.models.user import User
|
||||
from ahriman.models.user_access import UserAccess
|
||||
|
||||
|
||||
def test_from_option(user: User) -> None:
|
||||
"""
|
||||
must generate user from options
|
||||
"""
|
||||
assert User.from_option(user.username, user.password) == user
|
||||
# default is status access
|
||||
user.access = UserAccess.Write
|
||||
assert User.from_option(user.username, user.password) != user
|
||||
|
||||
|
||||
def test_from_option_empty() -> None:
|
||||
"""
|
||||
must return nothing if settings are missed
|
||||
"""
|
||||
assert User.from_option(None, "") is None
|
||||
assert User.from_option("", None) is None
|
||||
assert User.from_option(None, None) is None
|
||||
|
||||
|
||||
def test_check_credentials_generate_password(user: User) -> None:
|
||||
"""
|
||||
must generate and validate user password
|
||||
"""
|
||||
current_password = user.password
|
||||
user.password = user.generate_password(current_password, "salt")
|
||||
assert user.check_credentials(current_password, "salt")
|
||||
assert not user.check_credentials(current_password, "salt1")
|
||||
assert not user.check_credentials(user.password, "salt")
|
||||
|
||||
|
||||
def test_verify_access_read(user: User) -> None:
|
||||
"""
|
||||
user with read access must be able to only request read
|
||||
"""
|
||||
user.access = UserAccess.Read
|
||||
assert user.verify_access(UserAccess.Read)
|
||||
assert not user.verify_access(UserAccess.Write)
|
||||
assert not user.verify_access(UserAccess.Status)
|
||||
|
||||
|
||||
def test_verify_access_status(user: User) -> None:
|
||||
"""
|
||||
user with status access must be able to only request status
|
||||
"""
|
||||
user.access = UserAccess.Status
|
||||
assert not user.verify_access(UserAccess.Read)
|
||||
assert not user.verify_access(UserAccess.Write)
|
||||
assert user.verify_access(UserAccess.Status)
|
||||
|
||||
|
||||
def test_verify_access_write(user: User) -> None:
|
||||
"""
|
||||
user with write access must be able to do anything
|
||||
"""
|
||||
user.access = UserAccess.Write
|
||||
assert user.verify_access(UserAccess.Read)
|
||||
assert user.verify_access(UserAccess.Write)
|
||||
assert user.verify_access(UserAccess.Status)
|
0
tests/ahriman/models/test_user_access.py
Normal file
0
tests/ahriman/models/test_user_access.py
Normal file
@ -17,3 +17,16 @@ def application(configuration: Configuration, mocker: MockerFixture) -> web.Appl
|
||||
"""
|
||||
mocker.patch("pathlib.Path.mkdir")
|
||||
return setup_service("x86_64", configuration)
|
||||
|
||||
|
||||
@pytest.fixture
|
||||
def application_with_auth(configuration: Configuration, mocker: MockerFixture) -> web.Application:
|
||||
"""
|
||||
application fixture with auth enabled
|
||||
:param configuration: configuration fixture
|
||||
:param mocker: mocker object
|
||||
:return: application test instance
|
||||
"""
|
||||
configuration.set("web", "auth", "yes")
|
||||
mocker.patch("pathlib.Path.mkdir")
|
||||
return setup_service("x86_64", configuration)
|
||||
|
@ -2,8 +2,11 @@ import pytest
|
||||
|
||||
from collections import namedtuple
|
||||
|
||||
from ahriman.core.configuration import Configuration
|
||||
from ahriman.models.user import User
|
||||
from ahriman.web.middlewares.auth_handler import AuthorizationPolicy
|
||||
|
||||
_request = namedtuple("_request", ["path"])
|
||||
_request = namedtuple("_request", ["path", "method"])
|
||||
|
||||
|
||||
@pytest.fixture
|
||||
@ -12,4 +15,15 @@ def aiohttp_request() -> _request:
|
||||
fixture for aiohttp like object
|
||||
:return: aiohttp like request test instance
|
||||
"""
|
||||
return _request("path")
|
||||
return _request("path", "GET")
|
||||
|
||||
|
||||
@pytest.fixture
|
||||
def authorization_policy(configuration: Configuration, user: User) -> AuthorizationPolicy:
|
||||
"""
|
||||
fixture for authorization policy
|
||||
:return: authorization policy fixture
|
||||
"""
|
||||
policy = AuthorizationPolicy(configuration)
|
||||
policy.validator.users = {user.username: user}
|
||||
return policy
|
||||
|
105
tests/ahriman/web/middlewares/test_auth_handler.py
Normal file
105
tests/ahriman/web/middlewares/test_auth_handler.py
Normal file
@ -0,0 +1,105 @@
|
||||
from aiohttp import web
|
||||
from pytest_mock import MockerFixture
|
||||
from typing import Any
|
||||
from unittest.mock import AsyncMock
|
||||
|
||||
from ahriman.core.configuration import Configuration
|
||||
from ahriman.models.user import User
|
||||
from ahriman.models.user_access import UserAccess
|
||||
from ahriman.web.middlewares.auth_handler import auth_handler, AuthorizationPolicy, setup_auth
|
||||
|
||||
|
||||
async def test_authorized_userid(authorization_policy: AuthorizationPolicy, user: User) -> None:
|
||||
"""
|
||||
must return authorized user id
|
||||
"""
|
||||
assert await authorization_policy.authorized_userid(user.username) == user.username
|
||||
assert await authorization_policy.authorized_userid("some random name") is None
|
||||
|
||||
|
||||
async def test_permits(authorization_policy: AuthorizationPolicy, user: User, mocker: MockerFixture) -> None:
|
||||
"""
|
||||
must call validator check
|
||||
"""
|
||||
safe_request_mock = mocker.patch("ahriman.core.auth.Auth.is_safe_request", return_value=False)
|
||||
verify_access_mock = mocker.patch("ahriman.core.auth.Auth.verify_access", return_value=True)
|
||||
|
||||
assert await authorization_policy.permits(user.username, user.access, "/endpoint")
|
||||
safe_request_mock.assert_called_with("/endpoint")
|
||||
verify_access_mock.assert_called_with(user.username, user.access)
|
||||
|
||||
|
||||
async def test_permits_safe(authorization_policy: AuthorizationPolicy, user: User, mocker: MockerFixture) -> None:
|
||||
"""
|
||||
must call validator check
|
||||
"""
|
||||
safe_request_mock = mocker.patch("ahriman.core.auth.Auth.is_safe_request", return_value=True)
|
||||
verify_access_mock = mocker.patch("ahriman.core.auth.Auth.verify_access")
|
||||
|
||||
assert await authorization_policy.permits(user.username, user.access, "/endpoint")
|
||||
safe_request_mock.assert_called_with("/endpoint")
|
||||
verify_access_mock.assert_not_called()
|
||||
|
||||
|
||||
async def test_auth_handler_api(aiohttp_request: Any, mocker: MockerFixture) -> None:
|
||||
"""
|
||||
must ask for status permission for api calls
|
||||
"""
|
||||
aiohttp_request = aiohttp_request._replace(path="/api")
|
||||
request_handler = AsyncMock()
|
||||
check_permission_mock = mocker.patch("aiohttp_security.check_permission")
|
||||
|
||||
handler = auth_handler()
|
||||
await handler(aiohttp_request, request_handler)
|
||||
check_permission_mock.assert_called_with(aiohttp_request, UserAccess.Status, aiohttp_request.path)
|
||||
|
||||
|
||||
async def test_auth_handler_api_post(aiohttp_request: Any, mocker: MockerFixture) -> None:
|
||||
"""
|
||||
must ask for status permission for api calls with POST
|
||||
"""
|
||||
aiohttp_request = aiohttp_request._replace(path="/api", method="POST")
|
||||
request_handler = AsyncMock()
|
||||
check_permission_mock = mocker.patch("aiohttp_security.check_permission")
|
||||
|
||||
handler = auth_handler()
|
||||
await handler(aiohttp_request, request_handler)
|
||||
check_permission_mock.assert_called_with(aiohttp_request, UserAccess.Status, aiohttp_request.path)
|
||||
|
||||
|
||||
async def test_auth_handler_read(aiohttp_request: Any, mocker: MockerFixture) -> None:
|
||||
"""
|
||||
must ask for read permission for api calls with GET
|
||||
"""
|
||||
for method in ("GET", "HEAD", "OPTIONS"):
|
||||
aiohttp_request = aiohttp_request._replace(method=method)
|
||||
request_handler = AsyncMock()
|
||||
check_permission_mock = mocker.patch("aiohttp_security.check_permission")
|
||||
|
||||
handler = auth_handler()
|
||||
await handler(aiohttp_request, request_handler)
|
||||
check_permission_mock.assert_called_with(aiohttp_request, UserAccess.Read, aiohttp_request.path)
|
||||
|
||||
|
||||
async def test_auth_handler_write(aiohttp_request: Any, mocker: MockerFixture) -> None:
|
||||
"""
|
||||
must ask for read permission for api calls with POST
|
||||
"""
|
||||
for method in ("CONNECT", "DELETE", "PATCH", "POST", "PUT", "TRACE"):
|
||||
aiohttp_request = aiohttp_request._replace(method=method)
|
||||
request_handler = AsyncMock()
|
||||
check_permission_mock = mocker.patch("aiohttp_security.check_permission")
|
||||
|
||||
handler = auth_handler()
|
||||
await handler(aiohttp_request, request_handler)
|
||||
check_permission_mock.assert_called_with(aiohttp_request, UserAccess.Write, aiohttp_request.path)
|
||||
|
||||
|
||||
def test_setup_auth(application: web.Application, configuration: Configuration, mocker: MockerFixture) -> None:
|
||||
"""
|
||||
must setup authorization
|
||||
"""
|
||||
aiohttp_security_setup_mock = mocker.patch("aiohttp_security.setup")
|
||||
application = setup_auth(application, configuration)
|
||||
assert application.get("validator") is not None
|
||||
aiohttp_security_setup_mock.assert_called_once()
|
@ -41,3 +41,16 @@ def test_run(application: web.Application, mocker: MockerFixture) -> None:
|
||||
run_server(application)
|
||||
run_application_mock.assert_called_with(application, host="127.0.0.1", port=port,
|
||||
handle_signals=False, access_log=pytest.helpers.anyvar(int))
|
||||
|
||||
|
||||
def test_run_with_auth(application_with_auth: web.Application, mocker: MockerFixture) -> None:
|
||||
"""
|
||||
must run application
|
||||
"""
|
||||
port = 8080
|
||||
application_with_auth["configuration"].set("web", "port", str(port))
|
||||
run_application_mock = mocker.patch("aiohttp.web.run_app")
|
||||
|
||||
run_server(application_with_auth)
|
||||
run_application_mock.assert_called_with(application_with_auth, host="127.0.0.1", port=port,
|
||||
handle_signals=False, access_log=pytest.helpers.anyvar(int))
|
||||
|
48
tests/ahriman/web/views/test_view_login.py
Normal file
48
tests/ahriman/web/views/test_view_login.py
Normal file
@ -0,0 +1,48 @@
|
||||
from aiohttp.test_utils import TestClient
|
||||
from pytest_mock import MockerFixture
|
||||
|
||||
from ahriman.core.auth import Auth
|
||||
from ahriman.core.configuration import Configuration
|
||||
from ahriman.models.user import User
|
||||
|
||||
|
||||
async def test_post(client: TestClient, configuration: Configuration, user: User, mocker: MockerFixture) -> None:
|
||||
"""
|
||||
must login user correctly
|
||||
"""
|
||||
client.app["validator"] = Auth(configuration)
|
||||
payload = {"username": user.username, "password": user.password}
|
||||
remember_patch = mocker.patch("aiohttp_security.remember")
|
||||
mocker.patch("ahriman.core.auth.Auth.check_credentials", return_value=True)
|
||||
|
||||
post_response = await client.post("/login", json=payload)
|
||||
assert post_response.status == 200
|
||||
|
||||
post_response = await client.post("/login", data=payload)
|
||||
assert post_response.status == 200
|
||||
|
||||
remember_patch.assert_called()
|
||||
|
||||
|
||||
async def test_post_skip(client: TestClient, user: User, mocker: MockerFixture) -> None:
|
||||
"""
|
||||
must process if no auth configured
|
||||
"""
|
||||
payload = {"username": user.username, "password": user.password}
|
||||
post_response = await client.post("/login", json=payload)
|
||||
remember_patch = mocker.patch("aiohttp_security.remember")
|
||||
assert post_response.status == 200
|
||||
remember_patch.assert_not_called()
|
||||
|
||||
|
||||
async def test_post_unauthorized(client: TestClient, configuration: Configuration, user: User,
|
||||
mocker: MockerFixture) -> None:
|
||||
"""
|
||||
must return unauthorized on invalid auth
|
||||
"""
|
||||
client.app["validator"] = Auth(configuration)
|
||||
payload = {"username": user.username, "password": user.password}
|
||||
mocker.patch("ahriman.core.auth.Auth.check_credentials", return_value=False)
|
||||
|
||||
post_response = await client.post("/login", json=payload)
|
||||
assert post_response.status == 401
|
38
tests/ahriman/web/views/test_view_logout.py
Normal file
38
tests/ahriman/web/views/test_view_logout.py
Normal file
@ -0,0 +1,38 @@
|
||||
from aiohttp.test_utils import TestClient
|
||||
from aiohttp.web import HTTPUnauthorized
|
||||
from pytest_mock import MockerFixture
|
||||
|
||||
|
||||
async def test_post(client: TestClient, mocker: MockerFixture) -> None:
|
||||
"""
|
||||
must logout user correctly
|
||||
"""
|
||||
mocker.patch("aiohttp_security.check_authorized")
|
||||
forget_patch = mocker.patch("aiohttp_security.forget")
|
||||
|
||||
post_response = await client.post("/logout")
|
||||
assert post_response.status == 200
|
||||
forget_patch.assert_called_once()
|
||||
|
||||
|
||||
async def test_post_unauthorized(client: TestClient, mocker: MockerFixture) -> None:
|
||||
"""
|
||||
must raise exception if unauthorized
|
||||
"""
|
||||
mocker.patch("aiohttp_security.check_authorized", side_effect=HTTPUnauthorized())
|
||||
forget_patch = mocker.patch("aiohttp_security.forget")
|
||||
|
||||
post_response = await client.post("/logout")
|
||||
assert post_response.status == 401
|
||||
forget_patch.assert_not_called()
|
||||
|
||||
|
||||
async def test_post_disabled(client: TestClient, mocker: MockerFixture) -> None:
|
||||
"""
|
||||
must raise exception if auth is disabled
|
||||
"""
|
||||
forget_patch = mocker.patch("aiohttp_security.forget")
|
||||
|
||||
post_response = await client.post("/logout")
|
||||
assert post_response.status == 401
|
||||
forget_patch.assert_not_called()
|
@ -8,6 +8,9 @@ database = /var/lib/pacman
|
||||
repositories = core extra community multilib
|
||||
root = /
|
||||
|
||||
[auth]
|
||||
salt = salt
|
||||
|
||||
[build]
|
||||
archbuild_flags =
|
||||
build_command = extra-x86_64-build
|
||||
@ -54,5 +57,6 @@ region = eu-central-1
|
||||
secret_key =
|
||||
|
||||
[web]
|
||||
auth = no
|
||||
host = 127.0.0.1
|
||||
templates = ../web/templates
|
Reference in New Issue
Block a user