summaryrefslogtreecommitdiff
path: root/service/test/unit/resources
diff options
context:
space:
mode:
Diffstat (limited to 'service/test/unit/resources')
-rw-r--r--service/test/unit/resources/test_auth.py85
-rw-r--r--service/test/unit/resources/test_root_resource.py95
2 files changed, 174 insertions, 6 deletions
diff --git a/service/test/unit/resources/test_auth.py b/service/test/unit/resources/test_auth.py
new file mode 100644
index 00000000..6bd0338a
--- /dev/null
+++ b/service/test/unit/resources/test_auth.py
@@ -0,0 +1,85 @@
+from mockito import mock, when, any as ANY
+from pixelated.resources.auth import SessionChecker, PixelatedRealm, PixelatedAuthSessionWrapper
+from pixelated.resources.login_resource import LoginResource
+from pixelated.resources.root_resource import RootResource
+from test.unit.resources import DummySite
+from twisted.cred import error
+from twisted.cred.checkers import ANONYMOUS, AllowAnonymousAccess
+from twisted.cred.portal import Portal
+from twisted.internet.defer import succeed, fail
+from twisted.python import failure
+from twisted.trial import unittest
+from twisted.web._auth.wrapper import UnauthorizedResource
+from twisted.web.resource import IResource, getChildForRequest
+from twisted.web.test.requesthelper import DummyRequest
+
+
+class TestPixelatedRealm(unittest.TestCase):
+
+ def setUp(self):
+ self.authenticated_root_resource = mock()
+ self.public_root_resource = mock()
+ self.realm = PixelatedRealm(self.authenticated_root_resource, self.public_root_resource)
+
+ def test_anonymous_user_gets_anonymous_resource(self):
+ interface, avatar, logout_handler = self.realm.requestAvatar(ANONYMOUS, None, IResource)
+ self.assertEqual(interface, IResource)
+ self.assertIs(avatar, self.public_root_resource)
+
+ def test_authenticated_user_gets_root_resource(self):
+ interface, avatar, logout_handler = self.realm.requestAvatar('username', None, IResource)
+ self.assertEqual(interface, IResource)
+ self.assertIs(avatar, self.authenticated_root_resource)
+
+
+class TestPixelatedAuthSessionWrapper(unittest.TestCase):
+
+ def setUp(self):
+ self.realm_mock = mock()
+ services_factory = mock()
+ session_checker = SessionChecker(services_factory)
+ self.portal = Portal(self.realm_mock, [session_checker, AllowAnonymousAccess()])
+ self.user_uuid_mock = mock()
+ self.root_resource = RootResource(services_factory)
+ self.anonymous_resource_mock = mock()
+
+ self.session_wrapper = PixelatedAuthSessionWrapper(self.portal, self.root_resource, self.anonymous_resource_mock)
+ self.request = DummyRequest([])
+ self.request.prepath = ['']
+ self.request.path = '/'
+
+ def test_should_proxy_to_login_resource_when_the_user_is_not_logged_in(self):
+ when(self.realm_mock).requestAvatar(ANONYMOUS, None, IResource).thenReturn((IResource, self.anonymous_resource_mock, lambda: None))
+
+ deferred_resource = self.session_wrapper.getChildWithDefault('', self.request)
+ d = deferred_resource.d
+
+ def assert_anonymous_resource(resource):
+ self.assertIs(resource, self.anonymous_resource_mock)
+
+ d.addCallback(assert_anonymous_resource)
+ return d
+
+ def test_should_proxy_to_root_resource_when_the_user_is_logged_in(self):
+ when(self.realm_mock).requestAvatar(ANY(), None, IResource).thenReturn((IResource, self.root_resource, lambda: None))
+
+ deferred_resource = self.session_wrapper.getChildWithDefault('', self.request)
+ d = deferred_resource.d
+
+ def assert_root_resource(resource):
+ self.assertIs(resource, self.root_resource)
+
+ d.addCallback(assert_root_resource)
+ return d
+
+ def test_should_X_when_unauthenticated_user_requests_non_public_resource(self):
+ when(self.realm_mock).requestAvatar(ANONYMOUS, None, IResource).thenReturn((IResource, self.anonymous_resource_mock, lambda: None))
+
+ deferred_resource = self.session_wrapper.getChildWithDefault('', self.request)
+ d = deferred_resource.d
+
+ def assert_unauthorized_resource(resource):
+ self.assertIs(resource, self.anonymous_resource_mock)
+
+ d.addCallback(assert_unauthorized_resource)
+ return d
diff --git a/service/test/unit/resources/test_root_resource.py b/service/test/unit/resources/test_root_resource.py
index 4ff11ce8..2c74d7b9 100644
--- a/service/test/unit/resources/test_root_resource.py
+++ b/service/test/unit/resources/test_root_resource.py
@@ -1,14 +1,20 @@
-import unittest
+import os
import re
from mock import MagicMock, patch
from mockito import mock, when, any as ANY
+import pixelated
from pixelated.application import UserAgentMode
from pixelated.resources.features_resource import FeaturesResource
from test.unit.resources import DummySite
+from twisted.cred.checkers import ANONYMOUS
+from twisted.internet.defer import succeed
+from twisted.trial import unittest
+from twisted.web.resource import IResource
+from twisted.web.static import File
from twisted.web.test.requesthelper import DummyRequest
-from pixelated.resources.root_resource import RootResource, MODE_STARTUP, MODE_RUNNING
+from pixelated.resources.root_resource import InboxResource, RootResource, MODE_STARTUP, MODE_RUNNING
class TestRootResource(unittest.TestCase):
@@ -25,12 +31,13 @@ class TestRootResource(unittest.TestCase):
self.mail_service.account_email = self.MAIL_ADDRESS
root_resource = RootResource(self.services_factory)
- root_resource._html_template = "<html><head><title>$account_email</title></head></html>"
- root_resource._mode = root_resource
self.web = DummySite(root_resource)
self.root_resource = root_resource
def test_render_GET_should_template_account_email(self):
+ self.root_resource._inbox_resource._html_template = "<html><head><title>$account_email</title></head></html>"
+ self.root_resource.initialize(provider=mock(), authenticator=mock())
+
request = DummyRequest([''])
request.addCookie = lambda key, value: 'stubbed'
@@ -88,6 +95,8 @@ class TestRootResource(unittest.TestCase):
request.requestHeaders.setRawHeaders('x-xsrf-token', [csrf_token])
def test_should_unauthorize_child_resource_ajax_requests_when_csrf_mismatch(self):
+ self.root_resource.initialize(provider=mock(), authenticator=mock())
+
request = DummyRequest(['/child'])
request.method = 'POST'
self._mock_ajax_csrf(request, 'stubbed csrf token')
@@ -103,11 +112,41 @@ class TestRootResource(unittest.TestCase):
d.addCallback(assert_unauthorized)
return d
+ def test_GET_should_return_503_for_uninitialized_resource(self):
+ request = DummyRequest(['/sandbox/'])
+ request.method = 'GET'
+
+ request.getCookie = MagicMock(return_value='stubbed csrf token')
+
+ d = self.web.get(request)
+
+ def assert_unavailable(_):
+ self.assertEqual(503, request.responseCode)
+
+ d.addCallback(assert_unavailable)
+ return d
+
+ def test_GET_should_return_404_for_non_existing_resource(self):
+ self.root_resource.initialize(provider=mock(), authenticator=mock())
+
+ request = DummyRequest(['/non-existing-child'])
+ request.method = 'GET'
+ request.getCookie = MagicMock(return_value='stubbed csrf token')
+
+ d = self.web.get(request)
+
+ def assert_not_found(_):
+ self.assertEqual(404, request.responseCode)
+
+ d.addCallback(assert_not_found)
+ return d
+
def test_should_404_non_existing_resource_with_valid_csrf(self):
+ self.root_resource.initialize(provider=mock(), authenticator=mock())
+
request = DummyRequest(['/non-existing-child'])
request.method = 'POST'
self._mock_ajax_csrf(request, 'stubbed csrf token')
-
request.getCookie = MagicMock(return_value='stubbed csrf token')
d = self.web.get(request)
@@ -123,7 +162,7 @@ class TestRootResource(unittest.TestCase):
request = DummyRequest(['features'])
request.getCookie = MagicMock(return_value='irrelevant -- stubbed')
- self.root_resource._child_resources.add('features', FeaturesResource())
+ self.root_resource.putChild('features', FeaturesResource())
self.root_resource._mode = MODE_RUNNING
d = self.web.get(request)
@@ -135,6 +174,8 @@ class TestRootResource(unittest.TestCase):
return d
def test_should_unauthorize_child_resource_non_ajax_POST_requests_when_csrf_input_mismatch(self):
+ self.root_resource.initialize(provider=mock(), authenticator=mock())
+
request = DummyRequest(['mails'])
request.method = 'POST'
request.addArg('csrftoken', 'some csrf token')
@@ -152,3 +193,45 @@ class TestRootResource(unittest.TestCase):
d.addCallback(assert_unauthorized)
return d
+
+ def test_assets_should_be_publicly_available(self):
+ self.root_resource.initialize(provider=mock(), authenticator=mock())
+
+ request = DummyRequest(['assets', 'dummy.json'])
+ d = self.web.get(request)
+
+ def assert_response(_):
+ self.assertEqual(200, request.responseCode)
+
+ d.addCallback(assert_response)
+ return d
+
+ def test_login_should_be_publicly_available(self):
+ self.root_resource.initialize(provider=mock(), authenticator=mock())
+
+ request = DummyRequest(['login'])
+ d = self.web.get(request)
+
+ def assert_response(_):
+ self.assertEqual(200, request.responseCode)
+
+ d.addCallback(assert_response)
+ return d
+
+ def test_root_should_be_handled_by_inbox_resource(self):
+ request = DummyRequest([])
+ request.prepath = ['']
+ request.path = '/'
+ # TODO: setup mocked portal
+
+ resource = self.root_resource.getChildWithDefault(request.prepath[-1], request)
+ self.assertIsInstance(resource, InboxResource)
+
+ def test_inbox_should_not_be_public(self):
+ request = DummyRequest([])
+ request.prepath = ['']
+ request.path = '/'
+ # TODO: setup mocked portal
+
+ resource = self.root_resource.getChildWithDefault(request.prepath[-1], request)
+ self.assertIsInstance(resource, InboxResource)
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-16 12:18:25 +0000