1 files changed, 156 insertions, 0 deletions

diff --git a/service/test/unit/resources/test_login_resource.py b/service/test/unit/resources/test_login_resource.py
new file mode 100644
index 00000000..04be26f8
--- /dev/null
+++ b/service/test/unit/resources/test_login_resource.py
@@ -0,0 +1,156 @@
+from leap.exceptions import SRPAuthenticationError
+from mock import patch
+from mockito import mock, when, any as ANY, verify, verifyZeroInteractions
+from twisted.cred import credentials
+from twisted.trial import unittest
+from twisted.web.resource import IResource
+from twisted.web.test.requesthelper import DummyRequest
+
+from pixelated.bitmask_libraries.session import LeapSession
+from pixelated.resources.auth import LeapUser
+from pixelated.resources.login_resource import LoginResource
+from test.unit.resources import DummySite
+
+
+class TestLoginResource(unittest.TestCase):
+    def setUp(self):
+        self.services_factory = mock()
+        self.portal = mock()
+        self.resource = LoginResource(self.services_factory, self.portal)
+        self.web = DummySite(self.resource)
+
+    def test_children_resources_are_unauthorized_when_not_logged_in(self):
+        request = DummyRequest(['/some_child_resource'])
+
+        d = self.web.get(request)
+
+        def assert_unauthorized_resources(_):
+            self.assertEqual(401, request.responseCode)
+            self.assertEqual("Unauthorized!", request.written[0])
+
+        d.addCallback(assert_unauthorized_resources)
+        return d
+
+    @patch('pixelated.resources.session.PixelatedSession.is_logged_in')
+    def test_there_are_no_grand_children_resources_when_logged_in(self, mock_is_logged_in):
+        request = DummyRequest(['/login/grand_children'])
+        mock_is_logged_in.return_value = True
+
+        d = self.web.get(request)
+
+        def assert_resources_not_found(_):
+            self.assertEqual(404, request.responseCode)
+            self.assertIn("No Such Resource", request.written[0])
+
+        d.addCallback(assert_resources_not_found)
+        return d
+
+    def test_get(self):
+        request = DummyRequest([''])
+
+        d = self.web.get(request)
+
+        def assert_form_rendered(_):
+            self.assertEqual(200, request.responseCode)
+            form_action = 'action="/login"'
+            form_method = 'method="post"'
+            input_username = '<input autofocus="" placeholder="  username" class="text-field" type="text" tabindex="1" id="email" name="username" />'
+            input_password = '<input placeholder="  password" class="text-field" type="password" tabindex="2" id="password" name="password" autocomplete="off" />'
+            input_submit = '<input type="submit" tabindex="3" class="button" name="login" value="Login" />'
+            written_response = ''.join(request.written)
+            self.assertIn(form_action, written_response)
+            self.assertIn(form_method, written_response)
+            self.assertIn(input_password, written_response)
+            self.assertIn(input_submit, written_response)
+            self.assertIn(input_username, written_response)
+
+        d.addCallback(assert_form_rendered)
+        return d
+
+
+class TestLoginPOST(unittest.TestCase):
+    def setUp(self):
+        self.services_factory = mock()
+        self.portal = mock()
+        self.resource = LoginResource(self.services_factory, self.portal)
+        self.web = DummySite(self.resource)
+
+        self.request = DummyRequest([''])
+        username = 'ayoyo'
+        self.request.addArg('username', username)
+        password = 'ayoyo_password'
+        self.request.addArg('password', password)
+        self.request.method = 'POST'
+        leap_session = mock(LeapSession)
+        user_auth = mock()
+        user_auth.uuid = 'some_user_uuid'
+        leap_session.user_auth = user_auth
+        config = mock()
+        config.leap_home = 'some_folder'
+        leap_session.config = config
+        leap_session.fresh_account = False
+        self.leap_user = LeapUser(leap_session)
+
+    @patch('twisted.web.util.redirectTo')
+    @patch('pixelated.config.services.Services.setup')
+    def test_login_setups_user_services_and_add_corresponding_session_to_services_factory(self, mock_service_setup, mock_redirect):
+        irrelevant = None
+        when(self.portal).login(ANY(), None, IResource).thenReturn((irrelevant, self.leap_user, irrelevant))
+        d = self.web.get(self.request)
+
+        def assert_login_setup_service_for_user(_):
+            verify(self.portal).login(ANY(), None, IResource)
+            self.assertTrue(mock_service_setup.called)
+            verify(self.services_factory).add_session('some_user_uuid', ANY())
+            mock_redirect.assert_called_once_with('/', self.request)
+            self.assertTrue(self.resource.is_logged_in(self.request))
+
+        d.addCallback(assert_login_setup_service_for_user)
+        return d
+
+    def test_should_return_form_back_with_error_message_when_login_fails(self, ):
+        when(self.portal).login(ANY(), None, IResource).thenRaise(Exception())
+        d = self.web.get(self.request)
+
+        def assert_login_setup_service_for_user(_):
+            verify(self.portal).login(ANY(), None, IResource)
+            self.assertEqual(401, self.request.responseCode)
+            written_response = ''.join(self.request.written)
+            self.assertIn('Invalid credentials', written_response)
+            self.assertFalse(self.resource.is_logged_in(self.request))
+
+        d.addCallback(assert_login_setup_service_for_user)
+        return d
+
+    @patch('pixelated.bitmask_libraries.session.LeapSessionFactory.create')
+    @patch('leap.auth.SRPAuth.authenticate')
+    @patch('pixelated.config.services.Services.setup')
+    def test_leap_session_is_not_created_when_leap_auth_fails(self, mock_service_setup, mock_leap_srp_auth, mock_leap_session_create):
+        mock_leap_srp_auth.side_effect = SRPAuthenticationError()
+
+        d = self.web.get(self.request)
+
+        def assert_login_setup_service_for_user(_):
+            verify(self.portal).login(ANY(), None, IResource)
+            self.assertFalse(mock_leap_session_create.called)
+            self.assertFalse(mock_service_setup.called)
+            self.assertEqual(401, self.request.responseCode)
+            self.assertFalse(self.resource.is_logged_in(self.request))
+
+        d.addCallback(assert_login_setup_service_for_user)
+        return d
+
+    @patch('twisted.web.util.redirectTo')
+    @patch('pixelated.resources.session.PixelatedSession.is_logged_in')
+    def test_should_not_process_login_if_already_logged_in(self, mock_logged_in, mock_redirect):
+        mock_logged_in.return_value = True
+        when(self.portal).login(ANY(), None, IResource).thenRaise(Exception())
+        d = self.web.get(self.request)
+
+        def assert_login_setup_service_for_user(_):
+            verifyZeroInteractions(self.portal)
+            self.assertEqual(200, self.request.responseCode)
+            mock_redirect.assert_called_once_with('/', self.request)
+
+        d.addCallback(assert_login_setup_service_for_user)
+        return d