You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

281 lines
12 KiB

  1. # -*- coding: utf-8 -*-
  2. # Copyright 2016 LasLabs Inc.
  3. # License LGPL-3.0 or later (http://www.gnu.org/licenses/lgpl.html).
  4. import mock
  5. from contextlib import contextmanager
  6. from openerp.tests.common import TransactionCase
  7. from openerp.http import Response
  8. from ..controllers import main
  9. IMPORT = 'openerp.addons.password_security.controllers.main'
  10. class EndTestException(Exception):
  11. """ It allows for isolation of resources by raise """
  12. class MockResponse(object):
  13. def __new__(cls):
  14. return mock.Mock(spec=Response)
  15. class MockPassError(main.PassError):
  16. def __init__(self):
  17. super(MockPassError, self).__init__('Message')
  18. class TestPasswordSecurityHome(TransactionCase):
  19. def setUp(self):
  20. super(TestPasswordSecurityHome, self).setUp()
  21. self.PasswordSecurityHome = main.PasswordSecurityHome
  22. self.password_security_home = self.PasswordSecurityHome()
  23. self.passwd = 'I am a password!'
  24. self.qcontext = {
  25. 'password': self.passwd,
  26. }
  27. @contextmanager
  28. def mock_assets(self):
  29. """ It mocks and returns assets used by this controller """
  30. methods = ['do_signup', 'web_login', 'web_auth_signup',
  31. 'web_auth_reset_password',
  32. ]
  33. with mock.patch.multiple(
  34. main.AuthSignupHome, **{m: mock.DEFAULT for m in methods}
  35. ) as _super:
  36. mocks = {}
  37. for method in methods:
  38. mocks[method] = _super[method]
  39. mocks[method].return_value = MockResponse()
  40. with mock.patch('%s.request' % IMPORT) as request:
  41. with mock.patch('%s.ensure_db' % IMPORT) as ensure:
  42. with mock.patch('%s.http' % IMPORT) as http:
  43. http.redirect_with_hash.return_value = \
  44. MockResponse()
  45. mocks.update({
  46. 'request': request,
  47. 'ensure_db': ensure,
  48. 'http': http,
  49. })
  50. yield mocks
  51. def test_do_signup_check(self):
  52. """ It should check password on user """
  53. with self.mock_assets() as assets:
  54. check_password = assets['request'].env.user.check_password
  55. check_password.side_effect = EndTestException
  56. with self.assertRaises(EndTestException):
  57. self.password_security_home.do_signup(self.qcontext)
  58. check_password.assert_called_once_with(
  59. self.passwd,
  60. )
  61. def test_do_signup_return(self):
  62. """ It should return result of super """
  63. with self.mock_assets() as assets:
  64. res = self.password_security_home.do_signup(self.qcontext)
  65. self.assertEqual(assets['do_signup'](), res)
  66. def test_web_login_ensure_db(self):
  67. """ It should verify available db """
  68. with self.mock_assets() as assets:
  69. assets['ensure_db'].side_effect = EndTestException
  70. with self.assertRaises(EndTestException):
  71. self.password_security_home.web_login()
  72. def test_web_login_super(self):
  73. """ It should call superclass w/ proper args """
  74. expect_list = [1, 2, 3]
  75. expect_dict = {'test1': 'good1', 'test2': 'good2'}
  76. with self.mock_assets() as assets:
  77. assets['web_login'].side_effect = EndTestException
  78. with self.assertRaises(EndTestException):
  79. self.password_security_home.web_login(
  80. *expect_list, **expect_dict
  81. )
  82. assets['web_login'].assert_called_once_with(
  83. *expect_list, **expect_dict
  84. )
  85. def test_web_login_no_post(self):
  86. """ It should return immediate result of super when not POST """
  87. with self.mock_assets() as assets:
  88. assets['request'].httprequest.method = 'GET'
  89. assets['request'].session.authenticate.side_effect = \
  90. EndTestException
  91. res = self.password_security_home.web_login()
  92. self.assertEqual(
  93. assets['web_login'](), res,
  94. )
  95. def test_web_login_authenticate(self):
  96. """ It should attempt authentication to obtain uid """
  97. with self.mock_assets() as assets:
  98. assets['request'].httprequest.method = 'POST'
  99. authenticate = assets['request'].session.authenticate
  100. request = assets['request']
  101. authenticate.side_effect = EndTestException
  102. with self.assertRaises(EndTestException):
  103. self.password_security_home.web_login()
  104. authenticate.assert_called_once_with(
  105. request.session.db,
  106. request.params['login'],
  107. request.params['password'],
  108. )
  109. def test_web_login_authenticate_fail(self):
  110. """ It should return super result if failed auth """
  111. with self.mock_assets() as assets:
  112. authenticate = assets['request'].session.authenticate
  113. request = assets['request']
  114. request.httprequest.method = 'POST'
  115. request.env['res.users'].sudo.side_effect = EndTestException
  116. authenticate.return_value = False
  117. res = self.password_security_home.web_login()
  118. self.assertEqual(
  119. assets['web_login'](), res,
  120. )
  121. def test_web_login_get_user(self):
  122. """ It should get the proper user as sudo """
  123. with self.mock_assets() as assets:
  124. request = assets['request']
  125. request.httprequest.method = 'POST'
  126. sudo = request.env['res.users'].sudo()
  127. sudo.browse.side_effect = EndTestException
  128. with self.assertRaises(EndTestException):
  129. self.password_security_home.web_login()
  130. sudo.browse.assert_called_once_with(
  131. request.uid
  132. )
  133. def test_web_login_valid_pass(self):
  134. """ It should return parent result if pass isn't expired """
  135. with self.mock_assets() as assets:
  136. request = assets['request']
  137. request.httprequest.method = 'POST'
  138. user = request.env['res.users'].sudo().browse()
  139. user.action_expire_password.side_effect = EndTestException
  140. user._password_has_expired.return_value = False
  141. res = self.password_security_home.web_login()
  142. self.assertEqual(
  143. assets['web_login'](), res,
  144. )
  145. def test_web_login_expire_pass(self):
  146. """ It should expire password if necessary """
  147. with self.mock_assets() as assets:
  148. request = assets['request']
  149. request.httprequest.method = 'POST'
  150. user = request.env['res.users'].sudo().browse()
  151. user.action_expire_password.side_effect = EndTestException
  152. user._password_has_expired.return_value = True
  153. with self.assertRaises(EndTestException):
  154. self.password_security_home.web_login()
  155. def test_web_login_log_out_if_expired(self):
  156. """It should log out user if password expired"""
  157. with self.mock_assets() as assets:
  158. request = assets['request']
  159. request.httprequest.method = 'POST'
  160. user = request.env['res.users'].sudo().browse()
  161. user._password_has_expired.return_value = True
  162. self.password_security_home.web_login()
  163. logout_mock = request.session.logout
  164. logout_mock.assert_called_once_with(keep_db=True)
  165. def test_web_login_redirect(self):
  166. """ It should redirect w/ hash to reset after expiration """
  167. with self.mock_assets() as assets:
  168. request = assets['request']
  169. request.httprequest.method = 'POST'
  170. user = request.env['res.users'].sudo().browse()
  171. user._password_has_expired.return_value = True
  172. res = self.password_security_home.web_login()
  173. self.assertEqual(
  174. assets['http'].redirect_with_hash(), res,
  175. )
  176. def test_web_auth_signup_valid(self):
  177. """ It should return super if no errors """
  178. with self.mock_assets() as assets:
  179. res = self.password_security_home.web_auth_signup()
  180. self.assertEqual(
  181. assets['web_auth_signup'](), res,
  182. )
  183. def test_web_auth_signup_invalid_qcontext(self):
  184. """ It should catch PassError and get signup qcontext """
  185. with self.mock_assets() as assets:
  186. with mock.patch.object(
  187. main.AuthSignupHome, 'get_auth_signup_qcontext',
  188. ) as qcontext:
  189. assets['web_auth_signup'].side_effect = MockPassError
  190. qcontext.side_effect = EndTestException
  191. with self.assertRaises(EndTestException):
  192. self.password_security_home.web_auth_signup()
  193. def test_web_auth_signup_invalid_render(self):
  194. """ It should render & return signup form on invalid """
  195. with self.mock_assets() as assets:
  196. with mock.patch.object(
  197. main.AuthSignupHome, 'get_auth_signup_qcontext', spec=dict
  198. ) as qcontext:
  199. assets['web_auth_signup'].side_effect = MockPassError
  200. res = self.password_security_home.web_auth_signup()
  201. assets['request'].render.assert_called_once_with(
  202. 'auth_signup.signup', qcontext(),
  203. )
  204. self.assertEqual(
  205. assets['request'].render(), res,
  206. )
  207. def test_web_auth_reset_password_fail_login(self):
  208. """ It should raise from failed _validate_pass_reset by login """
  209. with self.mock_assets() as assets:
  210. with mock.patch.object(
  211. main.AuthSignupHome, 'get_auth_signup_qcontext', spec=dict
  212. ) as qcontext:
  213. qcontext['login'] = 'login'
  214. search = assets['request'].env.sudo().search
  215. assets['request'].httprequest.method = 'POST'
  216. user = mock.MagicMock()
  217. user._validate_pass_reset.side_effect = MockPassError
  218. search.return_value = user
  219. with self.assertRaises(MockPassError):
  220. self.password_security_home.web_auth_reset_password()
  221. def test_web_auth_reset_password_fail_email(self):
  222. """ It should raise from failed _validate_pass_reset by email """
  223. with self.mock_assets() as assets:
  224. with mock.patch.object(
  225. main.AuthSignupHome, 'get_auth_signup_qcontext', spec=dict
  226. ) as qcontext:
  227. qcontext['login'] = 'login'
  228. search = assets['request'].env.sudo().search
  229. assets['request'].httprequest.method = 'POST'
  230. user = mock.MagicMock()
  231. user._validate_pass_reset.side_effect = MockPassError
  232. search.side_effect = [[], user]
  233. with self.assertRaises(MockPassError):
  234. self.password_security_home.web_auth_reset_password()
  235. def test_web_auth_reset_password_success(self):
  236. """ It should return parent response on no validate errors """
  237. with self.mock_assets() as assets:
  238. with mock.patch.object(
  239. main.AuthSignupHome, 'get_auth_signup_qcontext', spec=dict
  240. ) as qcontext:
  241. qcontext['login'] = 'login'
  242. assets['request'].httprequest.method = 'POST'
  243. res = self.password_security_home.web_auth_reset_password()
  244. self.assertEqual(
  245. assets['web_auth_reset_password'](), res,
  246. )