270 lines
9.6 KiB

  1. # -*- coding: utf-8 -*-
  2. # Copyright 2016 SYLEAM
  3. # License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
  4. from datetime import datetime, timedelta
  5. from openerp import fields, exceptions
  6. from openerp.tests.common import TransactionCase
  7. class TestOAuthProviderToken(TransactionCase):
  8. def setUp(self):
  9. super(TestOAuthProviderToken, self).setUp()
  10. self.client = self.env['oauth.provider.client'].create({
  11. 'name': 'Client',
  12. 'identifier': 'client',
  13. })
  14. self.token_vals = {
  15. 'user_id': self.env.user.id,
  16. 'client_id': self.client.id,
  17. 'token': 'token',
  18. 'expires_at': fields.Datetime.now(),
  19. }
  20. self.filter = self.env['ir.filters'].create({
  21. 'name': 'Current user',
  22. 'model_id': 'res.users',
  23. 'domain': "[('id', '=', uid)]",
  24. })
  25. self.scope_vals = {
  26. 'name': 'Scope',
  27. 'code': 'scope',
  28. 'description': 'Description of the scope',
  29. 'model_id': self.env.ref('base.model_res_users').id,
  30. 'filter_id': self.filter.id,
  31. 'field_ids': [
  32. (6, 0, [self.env.ref('base.field_res_users_email').id]),
  33. ],
  34. }
  35. def new_token(self, vals=None):
  36. values = self.token_vals
  37. if vals is not None:
  38. values.update(vals)
  39. return self.env['oauth.provider.token'].create(values)
  40. def new_scope(self, vals=None):
  41. values = self.scope_vals
  42. if vals is not None:
  43. values.update(vals)
  44. return self.env['oauth.provider.scope'].create(values)
  45. def test_inactive(self):
  46. """ Check the value of the active field, for an expired token """
  47. not_expired = datetime.now() + timedelta(days=1)
  48. token = self.new_token(vals={
  49. 'token': 'Active',
  50. 'expires_at': fields.Datetime.to_string(not_expired),
  51. })
  52. self.assertEqual(token.active, True)
  53. def test_active(self):
  54. """ Check the value of the active field, for a not expired token """
  55. expired = datetime.now() - timedelta(minutes=1)
  56. token = self.new_token(vals={
  57. 'token': 'Not active',
  58. 'expires_at': fields.Datetime.to_string(expired),
  59. })
  60. self.assertEqual(token.active, False)
  61. def _generate_tokens_for_active_search(self):
  62. not_expired = datetime.now() + timedelta(days=1)
  63. not_expired_tokens = self.new_token(vals={
  64. 'token': 'Not expired',
  65. 'expires_at': fields.Datetime.to_string(not_expired),
  66. })
  67. not_expired_tokens += not_expired_tokens.copy(default={
  68. 'token': 'Other not expired',
  69. })
  70. expired = datetime.now() - timedelta(minutes=1)
  71. expired_tokens = self.new_token(vals={
  72. 'token': 'Expired',
  73. 'expires_at': fields.Datetime.to_string(expired),
  74. })
  75. expired_tokens += expired_tokens.copy(default={
  76. 'token': 'Other expired',
  77. })
  78. return expired_tokens, not_expired_tokens
  79. def test_search_empty_domain(self):
  80. """ Check the results of searching tokens with an empty domain
  81. Only active tokens should be returned
  82. """
  83. token_obj = self.env['oauth.provider.token']
  84. expired_tokens, not_expired_tokens = \
  85. self._generate_tokens_for_active_search()
  86. self.assertEqual(token_obj.search([]), not_expired_tokens)
  87. def test_active_search_equal_true(self):
  88. """ Check the results of searching tokens with explicit active = True domain
  89. """
  90. token_obj = self.env['oauth.provider.token']
  91. expired_tokens, not_expired_tokens = \
  92. self._generate_tokens_for_active_search()
  93. self.assertEqual(token_obj.search([
  94. ('active', '=', True),
  95. ]), not_expired_tokens)
  96. def test_active_search_equal_false(self):
  97. """ Check the results of searching tokens with active = False domain
  98. """
  99. token_obj = self.env['oauth.provider.token']
  100. expired_tokens, not_expired_tokens = \
  101. self._generate_tokens_for_active_search()
  102. self.assertEqual(token_obj.search([
  103. ('active', '=', False),
  104. ]), expired_tokens)
  105. def test_active_search_not_equal_true(self):
  106. """ Check the results of searching tokens with active != True domain
  107. """
  108. token_obj = self.env['oauth.provider.token']
  109. expired_tokens, not_expired_tokens = \
  110. self._generate_tokens_for_active_search()
  111. self.assertEqual(token_obj.search([
  112. ('active', '!=', True),
  113. ]), expired_tokens)
  114. def test_active_search_not_equal_false(self):
  115. """ Check the results of searching tokens with active != False domain
  116. """
  117. token_obj = self.env['oauth.provider.token']
  118. expired_tokens, not_expired_tokens = \
  119. self._generate_tokens_for_active_search()
  120. self.assertEqual(token_obj.search([
  121. ('active', '!=', False),
  122. ]), not_expired_tokens)
  123. def test_active_search_in_true(self):
  124. """ Check the results of searching tokens with active in (True,) domain
  125. """
  126. token_obj = self.env['oauth.provider.token']
  127. expired_tokens, not_expired_tokens = \
  128. self._generate_tokens_for_active_search()
  129. self.assertEqual(token_obj.search([
  130. ('active', 'in', (True,)),
  131. ]), not_expired_tokens)
  132. def test_active_search_in_false(self):
  133. """ Check the results of searching tokens with active in (False,) domain
  134. """
  135. token_obj = self.env['oauth.provider.token']
  136. expired_tokens, not_expired_tokens = \
  137. self._generate_tokens_for_active_search()
  138. self.assertEqual(token_obj.search([
  139. ('active', 'in', (False,)),
  140. ]), expired_tokens)
  141. def test_active_search_not_in_true(self):
  142. """ Check the results of searching tokens with active not in (True,) domain
  143. """
  144. token_obj = self.env['oauth.provider.token']
  145. expired_tokens, not_expired_tokens = \
  146. self._generate_tokens_for_active_search()
  147. self.assertEqual(token_obj.search([
  148. ('active', 'not in', (True,)),
  149. ]), expired_tokens)
  150. def test_active_search_not_in_false(self):
  151. """ Check the results of searching tokens with active not in (False,) domain
  152. """
  153. token_obj = self.env['oauth.provider.token']
  154. expired_tokens, not_expired_tokens = \
  155. self._generate_tokens_for_active_search()
  156. self.assertEqual(token_obj.search([
  157. ('active', 'not in', (False,)),
  158. ]), not_expired_tokens)
  159. def test_active_search_in_true_false(self):
  160. """ Check the results of searching tokens with active in (True, False) domain
  161. """
  162. token_obj = self.env['oauth.provider.token']
  163. expired_tokens, not_expired_tokens = \
  164. self._generate_tokens_for_active_search()
  165. self.assertEqual(token_obj.search([
  166. ('active', 'in', (True, False)),
  167. ]), not_expired_tokens + expired_tokens)
  168. def test_active_search_not_in_true_false(self):
  169. """ Check the results of searching tokens with active notin (True,False) domain
  170. """
  171. token_obj = self.env['oauth.provider.token']
  172. expired_tokens, not_expired_tokens = \
  173. self._generate_tokens_for_active_search()
  174. self.assertEqual(token_obj.search([
  175. ('active', 'not in', (True, False)),
  176. ]), token_obj)
  177. def test_active_search_invalid_operator(self):
  178. """ Check the results of searching tokens with an invalid operatr in domain
  179. """
  180. token_obj = self.env['oauth.provider.token']
  181. expired_tokens, not_expired_tokens = \
  182. self._generate_tokens_for_active_search()
  183. with self.assertRaises(exceptions.UserError):
  184. token_obj.search([('active', '>', True)])
  185. def test_get_data_from_model_with_at_least_one_scope_matching(self):
  186. """ Check the values returned by the get_data_for_model method with
  187. at least one scope matching the data
  188. """
  189. scopes = self.new_scope()
  190. scopes += self.new_scope({
  191. 'code': 'All users',
  192. 'filter_id': False,
  193. })
  194. token = self.new_token(vals={
  195. 'scope_ids': [(6, 0, scopes.ids)],
  196. })
  197. # Check a simple call with the right model with empty fields
  198. data = token.get_data_for_model('res.users')
  199. self.assertEqual(
  200. sorted(data.keys()), sorted(self.env['res.users'].search([]).ids))
  201. def test_get_data_from_model_with_all_scopes_matching(self):
  202. """ Check the values returned by the get_data_for_model method with
  203. all scopes required to match the data
  204. """
  205. scopes = self.new_scope()
  206. scopes += self.new_scope({
  207. 'code': 'All users',
  208. 'filter_id': False,
  209. })
  210. token = self.new_token(vals={
  211. 'scope_ids': [(6, 0, scopes.ids)],
  212. })
  213. # Check a simple call with the right model without empty fields
  214. data = token.get_data_for_model('res.users', all_scopes_match=True)
  215. self.assertEqual(data, {self.env.user.id: {
  216. 'id': 1,
  217. 'email': self.env.user.email,
  218. }})
  219. def test_get_data_from_model_with_no_scope_matching(self):
  220. """ Check the values returned by the get_data_for_model method with
  221. an unauthorized model
  222. """
  223. token = self.new_token()
  224. # Check a simple call with a wrong model
  225. data = token.get_data_for_model('res.partner')
  226. self.assertEqual(data, {})