summaryrefslogtreecommitdiff
path: root/service/test/unit/resources/test_root_resource.py
diff options
context:
space:
mode:
Diffstat (limited to 'service/test/unit/resources/test_root_resource.py')
-rw-r--r--service/test/unit/resources/test_root_resource.py258
1 files changed, 230 insertions, 28 deletions
diff --git a/service/test/unit/resources/test_root_resource.py b/service/test/unit/resources/test_root_resource.py
index 4ff11ce8..1edba98c 100644
--- a/service/test/unit/resources/test_root_resource.py
+++ b/service/test/unit/resources/test_root_resource.py
@@ -1,14 +1,95 @@
-import unittest
+import os
import re
from mock import MagicMock, patch
from mockito import mock, when, any as ANY
-from pixelated.application import UserAgentMode
+import pixelated
+from pixelated.application import UserAgentMode, get_static_folder
+from pixelated.resources import IPixelatedSession, UnAuthorizedResource
from pixelated.resources.features_resource import FeaturesResource
+from pixelated.resources.login_resource import LoginResource
from test.unit.resources import DummySite
+from twisted.cred.checkers import ANONYMOUS
+from twisted.internet.defer import succeed
+from twisted.trial import unittest
+from twisted.web.resource import IResource, getChildForRequest
+from twisted.web.static import File
from twisted.web.test.requesthelper import DummyRequest
-from pixelated.resources.root_resource import RootResource, MODE_STARTUP, MODE_RUNNING
+from pixelated.resources.root_resource import InboxResource, RootResource, MODE_STARTUP, MODE_RUNNING
+
+
+class TestPublicRootResource(unittest.TestCase):
+
+ def setUp(self):
+ self.public_root_resource = RootResource(mock(), get_static_folder(), public=True)
+ self.web = DummySite(self.public_root_resource)
+
+ @patch('pixelated.resources.mails_resource.events.register')
+ def test_put_child_public_adds_resource(self, *mocks):
+ self.public_root_resource.initialize(provider=mock(), authenticator=mock())
+ url_fragment, resource_mock = 'some-url-fragment', mock()
+ self.public_root_resource.putChildPublic(url_fragment, resource_mock)
+ request = DummyRequest([url_fragment])
+ request.addCookie = MagicMock(return_value='stubbed')
+ child_resource = getChildForRequest(self.public_root_resource, request)
+ self.assertIs(child_resource, resource_mock)
+
+ @patch('pixelated.resources.mails_resource.events.register')
+ def test_put_child_protected_adds_unauthorized(self, *mocks):
+ self.public_root_resource.initialize(provider=mock(), authenticator=mock())
+ url_fragment, resource_mock = 'some-url-fragment', mock()
+ self.public_root_resource.putChildProtected(url_fragment, resource_mock)
+ request = DummyRequest([url_fragment])
+ request.addCookie = MagicMock(return_value='stubbed')
+ child_resource = getChildForRequest(self.public_root_resource, request)
+ self.assertIsInstance(child_resource, UnAuthorizedResource)
+
+ @patch('pixelated.resources.mails_resource.events.register')
+ def test_put_child_adds_unauthorized(self, *mocks):
+ self.public_root_resource.initialize(provider=mock(), authenticator=mock())
+ url_fragment, resource_mock = 'some-url-fragment', mock()
+ self.public_root_resource.putChild(url_fragment, resource_mock)
+ request = DummyRequest([url_fragment])
+ request.addCookie = MagicMock(return_value='stubbed')
+ child_resource = getChildForRequest(self.public_root_resource, request)
+ self.assertIsInstance(child_resource, UnAuthorizedResource)
+
+ @patch('pixelated.resources.mails_resource.events.register')
+ def test_private_resource_returns_401(self, *mocks):
+ self.public_root_resource.initialize(provider=mock(), authenticator=mock())
+ request = DummyRequest(['mails'])
+ request.addCookie = MagicMock(return_value='stubbed')
+ d = self.web.get(request)
+
+ def assert_unauthorized(request):
+ self.assertEqual(401, request.responseCode)
+ self.assertEqual("Unauthorized!", request.written[0])
+
+ d.addCallback(assert_unauthorized)
+ return d
+
+ @patch('pixelated.resources.mails_resource.events.register')
+ def test_login_url_should_delegate_to_login_resource(self, *mocks):
+ self.public_root_resource.initialize(provider=mock(), authenticator=mock())
+ request = DummyRequest(['login'])
+ request.addCookie = MagicMock(return_value='stubbed')
+ child_resource = getChildForRequest(self.public_root_resource, request)
+ self.assertIsInstance(child_resource, LoginResource)
+
+ @patch('pixelated.resources.mails_resource.events.register')
+ def test_root_url_should_redirect_to_login_resource(self, *mocks):
+ self.public_root_resource.initialize(provider=mock(), authenticator=mock())
+ request = DummyRequest([''])
+ request.addCookie = MagicMock(return_value='stubbed')
+ d = self.web.get(request)
+
+ def assert_redirect(request):
+ self.assertEqual(302, request.responseCode)
+ self.assertEqual(["login"], request.responseHeaders.getRawHeaders('location', [None]))
+
+ d.addCallback(assert_redirect)
+ return d
class TestRootResource(unittest.TestCase):
@@ -24,29 +105,46 @@ class TestRootResource(unittest.TestCase):
when(self.services_factory).services(ANY()).thenReturn(self.services)
self.mail_service.account_email = self.MAIL_ADDRESS
- root_resource = RootResource(self.services_factory)
- root_resource._html_template = "<html><head><title>$account_email</title></head></html>"
- root_resource._mode = root_resource
- self.web = DummySite(root_resource)
- self.root_resource = root_resource
-
- def test_render_GET_should_template_account_email(self):
+ self.root_resource = RootResource(self.services_factory, get_static_folder())
+ self.web = DummySite(self.root_resource)
+
+ @patch('pixelated.resources.mails_resource.events.register')
+ def test_put_child_protected_adds_resource(self, *mocks):
+ self.root_resource.initialize(provider=mock(), authenticator=mock())
+ url_fragment, resource_mock = 'some-url-fragment', mock()
+ self.root_resource.putChildProtected(url_fragment, resource_mock)
+ request = DummyRequest([url_fragment])
+ request.addCookie = MagicMock(return_value='stubbed')
+ child_resource = getChildForRequest(self.root_resource, request)
+ self.assertIs(child_resource, resource_mock)
+
+ @patch('pixelated.resources.mails_resource.events.register')
+ def test_put_child_adds_resource(self, *mocks):
+ self.root_resource.initialize(provider=mock(), authenticator=mock())
+ url_fragment, resource_mock = 'some-url-fragment', mock()
+ self.root_resource.putChild(url_fragment, resource_mock)
+ request = DummyRequest([url_fragment])
+ request.addCookie = MagicMock(return_value='stubbed')
+ child_resource = getChildForRequest(self.root_resource, request)
+ self.assertIs(child_resource, resource_mock)
+
+ def test_root_url_should_delegate_to_inbox(self):
request = DummyRequest([''])
- request.addCookie = lambda key, value: 'stubbed'
-
- d = self.web.get(request)
-
- def assert_response(_):
- expected = "<title>{0}</title>".format(self.MAIL_ADDRESS)
- matches = re.findall(expected, request.written[0])
- self.assertEquals(len(matches), 1)
-
- d.addCallback(assert_response)
- return d
+ request.addCookie = MagicMock(return_value='stubbed')
+ child_resource = getChildForRequest(self.root_resource, request)
+ self.assertIsInstance(child_resource, InboxResource)
+
+ @patch('pixelated.resources.mails_resource.events.register')
+ def test_login_url_should_delegate_to_login_resource(self, *mocks):
+ self.root_resource.initialize(provider=mock(), authenticator=mock())
+ request = DummyRequest(['login'])
+ request.addCookie = MagicMock(return_value='stubbed')
+ child_resource = getChildForRequest(self.root_resource, request)
+ self.assertIsInstance(child_resource, LoginResource)
def _test_should_renew_xsrf_cookie(self):
request = DummyRequest([''])
- request.addCookie = MagicMock()
+ request.addCookie = MagicMock(return_value='stubbed')
generated_csrf_token = 'csrf_token'
mock_sha = MagicMock()
mock_sha.hexdigest = MagicMock(return_value=generated_csrf_token)
@@ -72,6 +170,7 @@ class TestRootResource(unittest.TestCase):
self.root_resource._mode = MODE_STARTUP
request = DummyRequest(['/child'])
+ request.addCookie = MagicMock(return_value='stubbed')
request.getCookie = MagicMock(return_value='irrelevant -- stubbed')
d = self.web.get(request)
@@ -87,8 +186,12 @@ class TestRootResource(unittest.TestCase):
request.requestHeaders.setRawHeaders('x-requested-with', ['XMLHttpRequest'])
request.requestHeaders.setRawHeaders('x-xsrf-token', [csrf_token])
- def test_should_unauthorize_child_resource_ajax_requests_when_csrf_mismatch(self):
+ @patch('pixelated.resources.mails_resource.events.register')
+ def test_should_unauthorize_child_resource_ajax_requests_when_csrf_mismatch(self, *mocks):
+ self.root_resource.initialize(provider=mock(), authenticator=mock())
+
request = DummyRequest(['/child'])
+ request.addCookie = MagicMock(return_value='stubbed')
request.method = 'POST'
self._mock_ajax_csrf(request, 'stubbed csrf token')
@@ -103,11 +206,46 @@ class TestRootResource(unittest.TestCase):
d.addCallback(assert_unauthorized)
return d
- def test_should_404_non_existing_resource_with_valid_csrf(self):
- request = DummyRequest(['/non-existing-child'])
+ def test_GET_should_return_503_for_uninitialized_resource(self):
+ request = DummyRequest(['/sandbox/'])
+ request.addCookie = MagicMock(return_value='stubbed')
+ request.method = 'GET'
+
+ request.getCookie = MagicMock(return_value='stubbed csrf token')
+
+ d = self.web.get(request)
+
+ def assert_unavailable(_):
+ self.assertEqual(503, request.responseCode)
+
+ d.addCallback(assert_unavailable)
+ return d
+
+ @patch('pixelated.resources.mails_resource.events.register')
+ def test_GET_should_return_404_for_non_existing_resource(self, *mocks):
+ self.root_resource.initialize(provider=mock(), authenticator=mock())
+
+ request = DummyRequest(['non-existing-child'])
+ request.addCookie = MagicMock(return_value='stubbed')
+ request.method = 'GET'
+ request.getCookie = MagicMock(return_value='stubbed csrf token')
+
+ d = self.web.get(request)
+
+ def assert_not_found(_):
+ self.assertEqual(404, request.responseCode)
+
+ d.addCallback(assert_not_found)
+ return d
+
+ @patch('pixelated.resources.mails_resource.events.register')
+ def test_should_404_non_existing_resource_with_valid_csrf(self, *mocks):
+ self.root_resource.initialize(provider=mock(), authenticator=mock())
+
+ request = DummyRequest(['non-existing-child'])
+ request.addCookie = MagicMock(return_value='stubbed')
request.method = 'POST'
self._mock_ajax_csrf(request, 'stubbed csrf token')
-
request.getCookie = MagicMock(return_value='stubbed csrf token')
d = self.web.get(request)
@@ -121,9 +259,10 @@ class TestRootResource(unittest.TestCase):
def test_should_authorize_child_resource_non_ajax_GET_requests(self):
request = DummyRequest(['features'])
+ request.addCookie = MagicMock(return_value='stubbed')
request.getCookie = MagicMock(return_value='irrelevant -- stubbed')
- self.root_resource._child_resources.add('features', FeaturesResource())
+ self.root_resource.putChild('features', FeaturesResource())
self.root_resource._mode = MODE_RUNNING
d = self.web.get(request)
@@ -134,7 +273,10 @@ class TestRootResource(unittest.TestCase):
d.addCallback(assert_unauthorized)
return d
- def test_should_unauthorize_child_resource_non_ajax_POST_requests_when_csrf_input_mismatch(self):
+ @patch('pixelated.resources.mails_resource.events.register')
+ def test_should_unauthorize_child_resource_non_ajax_POST_requests_when_csrf_input_mismatch(self, *mocks):
+ self.root_resource.initialize(provider=mock(), authenticator=mock())
+
request = DummyRequest(['mails'])
request.method = 'POST'
request.addArg('csrftoken', 'some csrf token')
@@ -142,6 +284,7 @@ class TestRootResource(unittest.TestCase):
mock_content.read = MagicMock(return_value={})
request.content = mock_content
+ request.addCookie = MagicMock(return_value='stubbed')
request.getCookie = MagicMock(return_value='mismatched csrf token')
d = self.web.get(request)
@@ -152,3 +295,62 @@ class TestRootResource(unittest.TestCase):
d.addCallback(assert_unauthorized)
return d
+
+ @patch('pixelated.resources.mails_resource.events.register')
+ def test_assets_should_be_publicly_available(self, *mocks):
+ self.root_resource.initialize(provider=mock(), authenticator=mock())
+
+ request = DummyRequest(['static', 'dummy.json'])
+ request.addCookie = MagicMock(return_value='stubbed')
+ d = self.web.get(request)
+
+ def assert_response(_):
+ self.assertEqual(200, request.responseCode)
+
+ d.addCallback(assert_response)
+ return d
+
+ @patch('pixelated.resources.mails_resource.events.register')
+ def test_login_should_be_publicly_available(self, *mocks):
+ self.root_resource.initialize(provider=mock(), authenticator=mock())
+
+ request = DummyRequest(['login'])
+ request.addCookie = MagicMock(return_value='stubbed')
+ d = self.web.get(request)
+
+ def assert_response(_):
+ self.assertEqual(200, request.responseCode)
+
+ d.addCallback(assert_response)
+ return d
+
+ def test_root_should_be_handled_by_inbox_resource(self):
+ request = DummyRequest([])
+ request.addCookie = MagicMock(return_value='stubbed')
+ request.prepath = ['']
+ request.path = '/'
+
+ resource = self.root_resource.getChildWithDefault(request.prepath[-1], request)
+ self.assertIsInstance(resource, InboxResource)
+
+ def test_inbox_should_not_be_public(self):
+ request = DummyRequest([])
+ request.addCookie = MagicMock(return_value='stubbed')
+ request.prepath = ['']
+ request.path = '/'
+
+ resource = self.root_resource.getChildWithDefault(request.prepath[-1], request)
+ self.assertIsInstance(resource, InboxResource)
+
+ def test_every_url_should_get_csrftoken_header(self):
+ # self.root_resource.initialize(provider=mock(), authenticator=mock())
+ request = DummyRequest(['any'])
+ request.addCookie = MagicMock(return_value='stubbed')
+ d = self.web.get(request)
+
+ def assert_add_cookie_called_for_csrftoken(request):
+ csrftoken = IPixelatedSession(request.getSession()).get_csrf_token()
+ self.assertEqual([(('XSRF-TOKEN', csrftoken),)], request.addCookie.call_args_list)
+
+ d.addCallback(assert_add_cookie_called_for_csrftoken)
+ return d
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-20 13:23:40 +0000