diff options
author | NavaL <ayoyo@thoughtworks.com> | 2016-06-24 18:37:25 +0200 |
---|---|---|
committer | NavaL <ayoyo@thoughtworks.com> | 2016-06-24 18:37:55 +0200 |
commit | 64c54186eff000762c291758973ca8e5db28f606 (patch) | |
tree | ca90b7c74583cfa170e90838b5722b96ba7138da /service/test | |
parent | 12706c25ef02974ff54d1f42caac268f6eaa3a0c (diff) |
Issue #694 add an admin restricted resource for user stats
Diffstat (limited to 'service/test')
5 files changed, 130 insertions, 2 deletions
diff --git a/service/test/integration/test_users_count.py b/service/test/integration/test_users_count.py new file mode 100644 index 00000000..d06ffd39 --- /dev/null +++ b/service/test/integration/test_users_count.py @@ -0,0 +1,47 @@ +# +# Copyright (c) 2014 ThoughtWorks, Inc. +# +# Pixelated is free software: you can redistribute it and/or modify +# it under the terms of the GNU Affero General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# Pixelated is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. +# +# You should have received a copy of the GNU Affero General Public License +# along with Pixelated. If not, see <http://www.gnu.org/licenses/>. +import json + +from mockito import verify +from mockito import when +from twisted.internet import defer + +from test.support.integration.multi_user_client import MultiUserClient +from test.support.integration.soledad_test_base import SoledadTestBase + + +class UsersResourceTest(MultiUserClient, SoledadTestBase): + + @defer.inlineCallbacks + def wait_for_session_user_id_to_finish(self): + yield self.adaptor.initialize_store(self.soledad) + + @defer.inlineCallbacks + def test_online_users_count_uses_leap_auth_privileges(self): + + response, login_request = yield self.login() + yield response + + yield self.wait_for_session_user_id_to_finish() + + when(self.user_auth).is_admin().thenReturn(True) + response, request = self.get("/users", json.dumps({'csrftoken': [login_request.getCookie('XSRF-TOKEN')]}), + from_request=login_request, as_json=False) + yield response + + self.assertEqual(200, request.code) # redirected + self.assertEqual('{"count": 1}', request.getWrittenData()) # redirected + verify(self.user_auth).is_admin() diff --git a/service/test/support/integration/multi_user_client.py b/service/test/support/integration/multi_user_client.py index 656e0901..d6133e64 100644 --- a/service/test/support/integration/multi_user_client.py +++ b/service/test/support/integration/multi_user_client.py @@ -60,6 +60,7 @@ class MultiUserClient(AppTestClient): leap_session.fresh_account = False self.leap_session = leap_session self.services = self._test_account.services + self.user_auth = user_auth self._set_leap_srp_auth(username, password, user_auth) when(LeapSessionFactory).create(username, password, user_auth).thenReturn(leap_session) diff --git a/service/test/unit/bitmask_libraries/test_smtp_client_certificate.py b/service/test/unit/bitmask_libraries/test_smtp_client_certificate.py index 58a7525f..e938d6f5 100644 --- a/service/test/unit/bitmask_libraries/test_smtp_client_certificate.py +++ b/service/test/unit/bitmask_libraries/test_smtp_client_certificate.py @@ -30,7 +30,7 @@ class TestSmtpClientCertificate(unittest.TestCase): self.tmp_dir = tempdir.TempDir() self.provider = mock() self.provider.domain = 'some-provider.tld' - self.auth = SRPSession('username', 'token', 'uuid', 'session_id') + self.auth = SRPSession('username', 'token', 'uuid', 'session_id', {}) self.pem_path = os.path.join(self.tmp_dir.name, 'providers', 'some-provider.tld', 'keys', 'client', 'smtp.pem') self.downloader = mock() when(session).SmtpCertDownloader(self.provider, self.auth).thenReturn(self.downloader) diff --git a/service/test/unit/config/test_services.py b/service/test/unit/config/test_services.py index 71765d19..8277c919 100644 --- a/service/test/unit/config/test_services.py +++ b/service/test/unit/config/test_services.py @@ -17,7 +17,7 @@ import unittest from mockito import mock, verify -from pixelated.config.services import Services +from pixelated.config.services import Services, ServicesFactory class ServicesTest(unittest.TestCase): @@ -32,3 +32,13 @@ class ServicesTest(unittest.TestCase): def test_close_services_closes_the_underlying_leap_session(self): self.services.close() verify(self.leap_session).close() + + +class ServicesFactoryTest(unittest.TestCase): + + def test_online_sessions_counts_logged_in_users(self): + service_factory = ServicesFactory(mock()) + service_factory.add_session('some_id1', mock()) + service_factory.add_session('some_id2', mock()) + + self.assertEqual(2, service_factory.online_sessions()) diff --git a/service/test/unit/resources/test_users_resource.py b/service/test/unit/resources/test_users_resource.py new file mode 100644 index 00000000..bfd61022 --- /dev/null +++ b/service/test/unit/resources/test_users_resource.py @@ -0,0 +1,70 @@ +import os + +import test.support.mockito + +from leap.exceptions import SRPAuthenticationError +from mock import patch +from mockito import mock, when, any as ANY, verify, verifyZeroInteractions, verifyNoMoreInteractions +from twisted.trial import unittest +from twisted.web.resource import IResource +from twisted.web.test.requesthelper import DummyRequest + +from pixelated.bitmask_libraries.session import LeapSession, LeapSessionFactory +from pixelated.config.services import Services, ServicesFactory +from pixelated.resources.login_resource import LoginResource +from pixelated.resources.users import UsersResource +from test.unit.resources import DummySite + + +class TestUsersResource(unittest.TestCase): + + def setUp(self): + self.services_factory = mock() + self.resource = UsersResource(self.services_factory) + self.web = DummySite(self.resource) + + def test_numbers_of_users_online(self): + number_of_users_online = 6 + self.services_factory.online_sessions = lambda: number_of_users_online + self.resource.is_admin = lambda _: True + request = DummyRequest(['']) + + d = self.web.get(request) + + def assert_users_count(_): + self.assertEqual(200, request.code) + self.assertEqual('{"count": %d}' % number_of_users_online, request.written[0]) + + d.addCallback(assert_users_count) + return d + + def test_numbers_of_users_online_is_only_available_only_for_admin(self): + self.resource.is_admin = lambda _: False + request = DummyRequest(['']) + d = self.web.get(request) + + def assert_is_forbidden(_): + self.assertEqual(401, request.responseCode) + self.assertEqual('Unauthorized!', request.written[0]) + + d.addCallback(assert_is_forbidden) + return d + + def test_is_admin_is_queried_from_leap_auth(self): + leap_session = mock() + auth = mock() + auth.uuid = 'some_id1' + leap_session.user_auth = auth + leap_session.config = mock() + services = Services(leap_session) + service_factory = ServicesFactory(mock()) + service_factory.add_session('some_id1', services) + + when(auth).is_admin().thenReturn(True) + request = mock() + resource = UsersResource(service_factory) + + when(resource)._get_user_id_from_request(request).thenReturn('some_id1') + + self.assertTrue(resource.is_admin(request)) + verify(auth).is_admin() |