1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
|
# -*- coding: utf-8 -*
# Cork - Authentication module for the Bottle web framework
# Copyright (C) 2013 Federico Ceratto and others, see AUTHORS file.
# Released under LGPLv3+ license, see LICENSE.txt
#
# Functional testing - test the Cork module against diffent database backends
from base64 import b64encode, b64decode
from pytest import raises
import bottle
import mock
import os
import pytest
import time
from cork import Cork, AAAException, AuthException
from cork.backends import JsonBackend
from cork.backends import MongoDBBackend
from cork.backends import SQLiteBackend
from cork.backends import SqlAlchemyBackend
from conftest import assert_is_redirect
try:
import pymongo
pymongo_available = True
except ImportError:
pymongo_available = False
try:
import MySQLdb
MySQLdb_available = True
except ImportError:
MySQLdb_available = False
### Mocked classes
class MockedSession(object):
"""Mock Beaker session
"""
def __init__(self, username=None):
self.__username = username
self.__saved = False
def get(self, k, default):
assert k in ('username')
if self.__username is None:
return default
return self.__username
def __getitem__(self, k):
assert k in ('username')
if self.__username is None:
raise KeyError()
return self.__username
def __setitem__(self, k, v):
assert k in ('username')
self.__username = v
self.__saved = False
def delete(self):
"""Used during logout to delete the current session"""
self.__username = None
def save(self):
self.__saved = True
#TODO: implement tests around MockedSession __saved
class MockedSessionCork(Cork):
"""Mocked Cork instance where the session is replaced with
MockedSession
"""
@property
def _beaker_session(self):
return self._mocked_beaker_session
### Fixtures and helpers
## Backends
def setup_sqlite_db(request):
# in-memory SQLite DB using the SQLiteBackend backend module.
b = SQLiteBackend(':memory:', initialize=True)
b.connection.executescript("""
INSERT INTO users (username, email_addr, desc, role, hash, creation_date) VALUES
(
'admin',
'admin@localhost.local',
'admin test user',
'admin',
'cLzRnzbEwehP6ZzTREh3A4MXJyNo+TV8Hs4//EEbPbiDoo+dmNg22f2RJC282aSwgyWv/O6s3h42qrA6iHx8yfw=',
'2012-10-28 20:50:26.286723'
);
INSERT INTO roles (role, level) VALUES ('special', 200);
INSERT INTO roles (role, level) VALUES ('admin', 100);
INSERT INTO roles (role, level) VALUES ('editor', 60);
INSERT INTO roles (role, level) VALUES ('user', 50);
""")
return b
def setup_json_db(request, tmpdir):
# Setup test directory with valid JSON files and return JsonBackend instance
tmpdir.join('users.json').write("""{"admin": {"email_addr": "admin@localhost.local", "desc": null, "role": "admin", "hash": "69f75f38ac3bfd6ac813794f3d8c47acc867adb10b806e8979316ddbf6113999b6052efe4ba95c0fa9f6a568bddf60e8e5572d9254dbf3d533085e9153265623", "creation_date": "2012-04-09 14:22:27.075596", "last_login": "2012-10-28 20:50:26.286723"}}""")
tmpdir.join('roles.json').write("""{"special": 200, "admin": 100, "user": 50, "editor": 60}""")
tmpdir.join('register.json').write("""{}""")
return JsonBackend(tmpdir)
def setup_sqlalchemy_with_sqlite_in_memory_db(request):
# Setup an SqlAlchemyBackend backend using an in-memory SQLite DB
mb = SqlAlchemyBackend('sqlite:///:memory:', initialize=True)
## Purge DB
mb._drop_all_tables()
assert len(mb.roles) == 0
assert len(mb.users) == 0
# Create roles
mb.roles.insert({'role': 'special', 'level': 200})
mb.roles.insert({'role': 'admin', 'level': 100})
mb.roles.insert({'role': 'editor', 'level': 60})
mb.roles.insert({'role': 'user', 'level': 50})
# Create admin
mb.users.insert({
"username": "admin",
"email_addr": "admin@localhost.local",
"desc": "admin test user",
"role": "admin",
"hash": "cLzRnzbEwehP6ZzTREh3A4MXJyNo+TV8Hs4//EEbPbiDoo+dmNg22f2RJC282aSwgyWv/O6s3h42qrA6iHx8yfw=",
"creation_date": "2012-10-28 20:50:26.286723",
"last_login": "2012-10-28 20:50:26.286723"
})
assert len(mb.roles) == 4
assert len(mb.users) == 1
def fin():
mb._drop_all_tables()
assert len(mb.roles) == 0
assert len(mb.users) == 0
request.addfinalizer(fin)
return mb
#def purge_test_db(self):
# # Purge DB
# mb = connect_to_test_db()
# mb._drop_all_tables()
def setup_mongo_db(request):
# FIXME no last_login?
t0 = time.time()
def timer(s, max_time=None):
delta = time.time() - t0
print("%s %f" % (s, delta))
if max_time is not None:
assert delta < max_time
mb = MongoDBBackend(db_name='cork-functional-test', initialize=True)
timer('connect + init')
# Purge DB
mb.users._coll.drop()
mb.roles._coll.drop()
mb.pending_registrations._coll.drop()
timer('purge')
# Create admin
mb.users._coll.insert({
"login": "admin",
"email_addr": "admin@localhost.local",
"desc": "admin test user",
"role": "admin",
"hash": "cLzRnzbEwehP6ZzTREh3A4MXJyNo+TV8Hs4//EEbPbiDoo+dmNg22f2RJC282aSwgyWv/O6s3h42qrA6iHx8yfw=",
"creation_date": "2012-10-28 20:50:26.286723"
})
timer('create')
# Create users
mb.roles._coll.insert({'role': 'special', 'val': 200})
mb.roles._coll.insert({'role': 'admin', 'val': 100})
mb.roles._coll.insert({'role': 'editor', 'val': 60})
mb.roles._coll.insert({'role': 'user', 'val': 50})
timer('create users')
def fin():
mb.users._coll.drop()
mb.roles._coll.drop()
request.addfinalizer(fin)
timer('mongo setup', 8)
return mb
def setup_mysql_db(request):
if os.environ.get('TRAVIS', False):
# Using Travis-CI - https://travis-ci.org/
password = ''
db_name = 'myapp_test'
else:
password = ''
db_name = 'cork_functional_test'
uri = "mysql://root:%s@localhost/%s" % (password, db_name)
mb = SqlAlchemyBackend(uri, initialize=True)
## Purge DB
mb._drop_all_tables()
assert len(mb.roles) == 0
assert len(mb.users) == 0
# Create roles
mb.roles.insert({'role': 'special', 'level': 200})
mb.roles.insert({'role': 'admin', 'level': 100})
mb.roles.insert({'role': 'editor', 'level': 60})
mb.roles.insert({'role': 'user', 'level': 50})
# Create admin
mb.users.insert({
"username": "admin",
"email_addr": "admin@localhost.local",
"desc": "admin test user",
"role": "admin",
"hash": "cLzRnzbEwehP6ZzTREh3A4MXJyNo+TV8Hs4//EEbPbiDoo+dmNg22f2RJC282aSwgyWv/O6s3h42qrA6iHx8yfw=",
"creation_date": "2012-10-28 20:50:26.286723",
"last_login": "2012-10-28 20:50:26.286723"
})
assert len(mb.roles) == 4
assert len(mb.users) == 1
def fin():
return # TODO: fix
mb._drop_all_tables()
assert len(mb.roles) == 0
assert len(mb.users) == 0
request.addfinalizer(fin)
return mb
def setup_postgresql_db(request):
if os.environ.get('TRAVIS', False):
# Using Travis-CI - https://travis-ci.org/
db_name = 'myapp_test'
else:
db_name = 'cork_functional_test'
uri = "postgresql+psycopg2://postgres:@/%s" % db_name
mb = SqlAlchemyBackend(uri, initialize=True)
# Purge DB
mb._drop_all_tables()
assert len(mb.roles) == 0
assert len(mb.users) == 0
# Create roles
mb.roles.insert({'role': 'special', 'level': 200})
mb.roles.insert({'role': 'admin', 'level': 100})
mb.roles.insert({'role': 'editor', 'level': 60})
mb.roles.insert({'role': 'user', 'level': 50})
# Create admin
mb.users.insert({
"username": "admin",
"email_addr": "admin@localhost.local",
"desc": "admin test user",
"role": "admin",
"hash": "cLzRnzbEwehP6ZzTREh3A4MXJyNo+TV8Hs4//EEbPbiDoo+dmNg22f2RJC282aSwgyWv/O6s3h42qrA6iHx8yfw=",
"creation_date": "2012-10-28 20:50:26.286723",
"last_login": "2012-10-28 20:50:26.286723"
})
assert len(mb.roles) == 4
assert len(mb.users) == 1
def fin():
mb._drop_all_tables()
assert len(mb.roles) == 0
assert len(mb.users) == 0
request.addfinalizer(fin)
return mb
## General fixtures
@pytest.fixture(params=[
'json',
'mongodb',
'mysql',
'postgresql',
'sqlalchemy',
'sqlite',
])
def backend(tmpdir, request):
# Create backend instances
backend_type = request.param
if backend_type == 'json':
return setup_json_db(request, tmpdir)
if backend_type == 'sqlite':
return setup_sqlite_db(request)
if backend_type == 'sqlalchemy':
return setup_sqlalchemy_with_sqlite_in_memory_db(request)
if backend_type == 'mongodb':
if not pymongo_available:
pytest.skip()
return setup_mongo_db(request)
if backend_type == 'mysql':
if not MySQLdb_available:
pytest.skip()
return setup_mysql_db(request)
if backend_type == 'postgresql':
return setup_postgresql_db(request)
raise Exception()
@pytest.fixture
def aaa_unauth(templates_dir, backend):
# Session without any authenticated user
aaa = MockedSessionCork(
templates_dir,
backend=backend,
smtp_server='localhost',
email_sender='test@localhost',
)
aaa._mocked_beaker_session = MockedSession()
return aaa
@pytest.fixture
def aaa_admin(templates_dir, backend):
# Session with an admin user
aaa = MockedSessionCork(
templates_dir,
backend=backend,
email_sender='test@localhost',
smtp_server='localhost',
)
aaa._mocked_beaker_session = MockedSession(username='admin')
return aaa
### Tests
def test_verify_password(aaa_admin):
salted_hash = b'cFc8Yx4vLF7qNr2mqeH5PEoFX8T4+LJhEcJTxWhTVYLbIa6vI6DiGmYeP6PZ5iCyucnCJKEd5QOBGyDlmWN82b0='
v = aaa_admin._verify_password(u'admin', u'newpwd', salted_hash)
assert v is True
def test_set_password_directly(aaa_admin):
#assert aaa_admin.login(u'admin', u'newpwd') == False
user = aaa_admin.user(u'admin')
assert user
user.update(pwd='newpwd')
assert aaa_admin.login(u'admin', u'newpwd')
def test_perform_password_reset(aaa_admin):
token = aaa_admin._reset_code(u'admin', u'admin@localhost.local')
aaa_admin.reset_password(token, u'newpassword')
login = aaa_admin.login(u'admin', u'newpassword')
assert login == True, "Login must succeed"
|
