from leap.exceptions import SRPAuthenticationError
from mock import patch
from mockito import mock, when, any as ANY, verify, verifyZeroInteractions
from twisted.cred import credentials
from twisted.trial import unittest
from twisted.web.resource import IResource
from twisted.web.test.requesthelper import DummyRequest
from pixelated.bitmask_libraries.session import LeapSession
from pixelated.resources.auth import LeapUser
from pixelated.resources.login_resource import LoginResource
from test.unit.resources import DummySite
class TestLoginResource(unittest.TestCase):
def setUp(self):
self.services_factory = mock()
self.portal = mock()
self.resource = LoginResource(self.services_factory, self.portal)
self.web = DummySite(self.resource)
def test_children_resources_are_unauthorized_when_not_logged_in(self):
request = DummyRequest(['/some_child_resource'])
d = self.web.get(request)
def assert_unauthorized_resources(_):
self.assertEqual(401, request.responseCode)
self.assertEqual("Unauthorized!", request.written[0])
d.addCallback(assert_unauthorized_resources)
return d
@patch('pixelated.resources.session.PixelatedSession.is_logged_in')
def test_there_are_no_grand_children_resources_when_logged_in(self, mock_is_logged_in):
request = DummyRequest(['/login/grand_children'])
mock_is_logged_in.return_value = True
d = self.web.get(request)
def assert_resources_not_found(_):
self.assertEqual(404, request.responseCode)
self.assertIn("No Such Resource", request.written[0])
d.addCallback(assert_resources_not_found)
return d
def test_get(self):
request = DummyRequest([''])
d = self.web.get(request)
def assert_form_rendered(_):
self.assertEqual(200, request.responseCode)
form_action = 'action="/login"'
form_method = 'method="post"'
input_username = ''
input_password = ''
input_submit = ''
written_response = ''.join(request.written)
self.assertIn(form_action, written_response)
self.assertIn(form_method, written_response)
self.assertIn(input_password, written_response)
self.assertIn(input_submit, written_response)
self.assertIn(input_username, written_response)
d.addCallback(assert_form_rendered)
return d
class TestLoginPOST(unittest.TestCase):
def setUp(self):
self.services_factory = mock()
self.portal = mock()
self.resource = LoginResource(self.services_factory, self.portal)
self.web = DummySite(self.resource)
self.request = DummyRequest([''])
username = 'ayoyo'
self.request.addArg('username', username)
password = 'ayoyo_password'
self.request.addArg('password', password)
self.request.method = 'POST'
leap_session = mock(LeapSession)
user_auth = mock()
user_auth.uuid = 'some_user_uuid'
leap_session.user_auth = user_auth
config = mock()
config.leap_home = 'some_folder'
leap_session.config = config
leap_session.fresh_account = False
self.leap_user = LeapUser(leap_session)
@patch('twisted.web.util.redirectTo')
@patch('pixelated.config.services.Services.setup')
def test_login_setups_user_services_and_add_corresponding_session_to_services_factory(self, mock_service_setup, mock_redirect):
irrelevant = None
when(self.portal).login(ANY(), None, IResource).thenReturn((irrelevant, self.leap_user, irrelevant))
d = self.web.get(self.request)
def assert_login_setup_service_for_user(_):
verify(self.portal).login(ANY(), None, IResource)
self.assertTrue(mock_service_setup.called)
verify(self.services_factory).add_session('some_user_uuid', ANY())
mock_redirect.assert_called_once_with('/', self.request)
self.assertTrue(self.resource.is_logged_in(self.request))
d.addCallback(assert_login_setup_service_for_user)
return d
def test_should_return_form_back_with_error_message_when_login_fails(self, ):
when(self.portal).login(ANY(), None, IResource).thenRaise(Exception())
d = self.web.get(self.request)
def assert_login_setup_service_for_user(_):
verify(self.portal).login(ANY(), None, IResource)
self.assertEqual(401, self.request.responseCode)
written_response = ''.join(self.request.written)
self.assertIn('Invalid credentials', written_response)
self.assertFalse(self.resource.is_logged_in(self.request))
d.addCallback(assert_login_setup_service_for_user)
return d
@patch('pixelated.bitmask_libraries.session.LeapSessionFactory.create')
@patch('leap.auth.SRPAuth.authenticate')
@patch('pixelated.config.services.Services.setup')
def test_leap_session_is_not_created_when_leap_auth_fails(self, mock_service_setup, mock_leap_srp_auth, mock_leap_session_create):
mock_leap_srp_auth.side_effect = SRPAuthenticationError()
d = self.web.get(self.request)
def assert_login_setup_service_for_user(_):
verify(self.portal).login(ANY(), None, IResource)
self.assertFalse(mock_leap_session_create.called)
self.assertFalse(mock_service_setup.called)
self.assertEqual(401, self.request.responseCode)
self.assertFalse(self.resource.is_logged_in(self.request))
d.addCallback(assert_login_setup_service_for_user)
return d
@patch('twisted.web.util.redirectTo')
@patch('pixelated.resources.session.PixelatedSession.is_logged_in')
def test_should_not_process_login_if_already_logged_in(self, mock_logged_in, mock_redirect):
mock_logged_in.return_value = True
when(self.portal).login(ANY(), None, IResource).thenRaise(Exception())
d = self.web.get(self.request)
def assert_login_setup_service_for_user(_):
verifyZeroInteractions(self.portal)
self.assertEqual(200, self.request.responseCode)
mock_redirect.assert_called_once_with('/', self.request)
d.addCallback(assert_login_setup_service_for_user)
return d