[test] fix session and auth tests

4 files changed, 26 insertions, 51 deletions

diff --git a/server/src/leap/soledad/server/auth.py b/server/src/leap/soledad/server/auth.py
index bcef2e7c..1f078bff 100644
--- a/server/src/leap/soledad/server/auth.py
+++ b/server/src/leap/soledad/server/auth.py
@@ -67,24 +67,20 @@ class TokenChecker(object):
         self._dbs = {}
 
     def _tokens_dbname(self):
-        dbname = self.TOKENS_DB_PREFIX + \
-            str(int(time.time() / self.TOKENS_DB_EXPIRE))
-        return dbname
-
-    def _get_db(self, dbname):
-        if dbname not in self._dbs:
-            self._dbs[dbname] = self._server[dbname]
-        return self._dbs[dbname]
-
-    def _tokens_db(self):
         # the tokens db rotates every 30 days, and the current db name is
         # "tokens_NNN", where NNN is the number of seconds since epoch
         # divide dby the rotate period in seconds. When rotating, old and
         # new tokens db coexist during a certain window of time and valid
         # tokens are replicated from the old db to the new one. See:
         # https://leap.se/code/issues/6785
+        dbname = self.TOKENS_DB_PREFIX + \
+            str(int(time.time() / self.TOKENS_DB_EXPIRE))
+        return dbname
+
+    def _tokens_db(self):
         dbname = self._tokens_dbname()
-        db = self._get_db(dbname)
+        with self._server as server:
+            db = server[dbname]
         return db
 
     def requestAvatarId(self, credentials):
diff --git a/server/src/leap/soledad/server/session.py b/server/src/leap/soledad/server/session.py
index a56e4e97..a2793bd3 100644
--- a/server/src/leap/soledad/server/session.py
+++ b/server/src/leap/soledad/server/session.py
@@ -104,6 +104,3 @@ class SoledadSession(HTTPAuthSessionWrapper):
 
         # if all checks pass, try to login with credentials
         return util.DeferredResource(self._login(credentials))
-
-
-soledadSession = SoledadSession()
diff --git a/testing/tests/server/test_auth.py b/testing/tests/server/test_auth.py
index 0e6baba3..5b215650 100644
--- a/testing/tests/server/test_auth.py
+++ b/testing/tests/server/test_auth.py
@@ -19,6 +19,8 @@ Tests for auth pieces.
 """
 import collections
 
+from contextlib import contextmanager
+
 from twisted.cred.credentials import UsernamePassword
 from twisted.cred.error import UnauthorizedLogin
 from twisted.internet.defer import inlineCallbacks
@@ -54,13 +56,18 @@ class DummyServer(object):
         return self._token
 
 
+@contextmanager
+def dummy_server(token):
+    yield collections.defaultdict(lambda: DummyServer(token))
+
+
 class TokenCheckerTestCase(unittest.TestCase):
 
     @inlineCallbacks
     def test_good_creds(self):
         # set up a dummy server which always return a *valid* token document
         token = {'user_id': 'user', 'type': 'Token'}
-        server = collections.defaultdict(lambda: DummyServer(token))
+        server = dummy_server(token)
         # setup the checker with the custom server
         checker = TokenChecker(server=server)
         # assert the checker *can* verify the creds
@@ -72,7 +79,7 @@ class TokenCheckerTestCase(unittest.TestCase):
     def test_bad_creds(self):
         # set up a dummy server which always return an *invalid* token document
         token = None
-        server = collections.defaultdict(lambda: DummyServer(token))
+        server = dummy_server(token)
         # setup the checker with the custom server
         checker = TokenChecker(server=server)
         # assert the checker *cannot* verify the creds
diff --git a/testing/tests/server/test_session.py b/testing/tests/server/test_session.py
index 7883ef4a..8131ddb3 100644
--- a/testing/tests/server/test_session.py
+++ b/testing/tests/server/test_session.py
@@ -17,24 +17,20 @@
 """
 Tests for server session entrypoint.
 """
-from twisted.cred.checkers import InMemoryUsernamePasswordDatabaseDontUse
+from twisted.trial import unittest
+
 from twisted.cred import portal
+from twisted.cred.checkers import InMemoryUsernamePasswordDatabaseDontUse
+from twisted.cred.credentials import IUsernamePassword
+from twisted.web.resource import getChildForRequest
+from twisted.web.static import Data
+from twisted.web.test.requesthelper import DummyRequest
 from twisted.web.test.test_httpauth import b64encode
 from twisted.web.test.test_httpauth import Realm
-from twisted.web.test.requesthelper import DummyRequest
-from twisted.web.resource import getChildForRequest
-
-from twisted.web.resource import Resource
-
-from twisted.trial import unittest
+from twisted.web._auth.wrapper import UnauthorizedResource
 
 from leap.soledad.server.session import SoledadSession
 
-from twisted.web.static import Data
-from twisted.web._auth.wrapper import UnauthorizedResource
-from twisted.cred.credentials import IUsernamePassword
-from twisted.cred.checkers import ANONYMOUS, AllowAnonymousAccess
-
 
 class SoledadSessionTestCase(unittest.TestCase):
     """
@@ -168,6 +164,7 @@ class SoledadSessionTestCase(unittest.TestCase):
         child = getChildForRequest(self.wrapper, request)
         request.render(child)
         self.assertEqual(request.responseCode, 500)
+        self.assertEqual(len(self.flushLoggedErrors(UnexpectedException)), 1)
 
     def test_unexpectedLoginError(self):
         class UnexpectedException(Exception):
@@ -184,26 +181,4 @@ class SoledadSessionTestCase(unittest.TestCase):
         child = self._authorizedTokenLogin(request)
         request.render(child)
         self.assertEqual(request.responseCode, 500)
-
-    def test_anonymousAccess(self):
-        """
-        Anonymous requests are allowed if a L{Portal} has an anonymous checker
-        registered.
-        """
-        unprotectedContents = b"contents of the unprotected child resource"
-
-        self.avatars[ANONYMOUS] = Resource()
-        self.avatars[ANONYMOUS].putChild(
-            self.childName, Data(unprotectedContents, 'text/plain'))
-        self.portal.registerChecker(AllowAnonymousAccess())
-
-        request = self.makeRequest([self.childName])
-        child = getChildForRequest(self.wrapper, request)
-        d = request.notifyFinish()
-
-        def cbFinished(ignored):
-            self.assertEqual(request.written, [unprotectedContents])
-
-        d.addCallback(cbFinished)
-        request.render(child)
-        return d
+        self.assertEqual(len(self.flushLoggedErrors(UnexpectedException)), 1)