Browse Source
Merge pull request #580 from LasLabs/release/10.0/auth_session_timeout
Merge pull request #580 from LasLabs/release/10.0/auth_session_timeout
[MIG][10.0] auth_session_timeoutpull/1044/head
Pedro M. Baeza
7 years ago
committed by
GitHub
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
12 changed files with 337 additions and 102 deletions
-
6.travis.yml
-
44auth_session_timeout/README.rst
-
1auth_session_timeout/__init__.py
-
19auth_session_timeout/__manifest__.py
-
23auth_session_timeout/data/ir_config_parameter_data.xml
-
1auth_session_timeout/models/__init__.py
-
44auth_session_timeout/models/ir_config_parameter.py
-
119auth_session_timeout/models/res_users.py
-
4auth_session_timeout/tests/__init__.py
-
66auth_session_timeout/tests/test_ir_config_parameter.py
-
108auth_session_timeout/tests/test_res_users.py
-
4base_external_system/tests/common.py
@ -1,6 +1,5 @@ |
|||||
# -*- coding: utf-8 -*- |
# -*- coding: utf-8 -*- |
||||
# (c) 2015 ACSONE SA/NV, Dhinesh D |
# (c) 2015 ACSONE SA/NV, Dhinesh D |
||||
|
|
||||
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl.html). |
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl.html). |
||||
|
|
||||
from . import models |
from . import models |
@ -1,28 +1,23 @@ |
|||||
# -*- coding: utf-8 -*- |
# -*- coding: utf-8 -*- |
||||
# (c) 2015 ACSONE SA/NV, Dhinesh D |
# (c) 2015 ACSONE SA/NV, Dhinesh D |
||||
|
|
||||
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl.html). |
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl.html). |
||||
|
|
||||
{ |
{ |
||||
'name': "Inactive Sessions Timeout", |
'name': "Inactive Sessions Timeout", |
||||
|
|
||||
'summary': """ |
'summary': """ |
||||
This module disable all inactive sessions since a given delay""", |
This module disable all inactive sessions since a given delay""", |
||||
|
|
||||
'author': "ACSONE SA/NV, Dhinesh D, Odoo Community Association (OCA)", |
|
||||
|
'author': "ACSONE SA/NV, " |
||||
|
"Dhinesh D, " |
||||
|
"Jesse Morgan, " |
||||
|
"LasLabs, " |
||||
|
"Odoo Community Association (OCA)", |
||||
'maintainer': 'Odoo Community Association (OCA)', |
'maintainer': 'Odoo Community Association (OCA)', |
||||
'website': "http://acsone.eu", |
'website': "http://acsone.eu", |
||||
|
|
||||
'category': 'Tools', |
'category': 'Tools', |
||||
'version': '9.0.1.0.0', |
|
||||
|
'version': '10.0.1.0.0', |
||||
'license': 'AGPL-3', |
'license': 'AGPL-3', |
||||
|
|
||||
'depends': [ |
|
||||
'base', |
|
||||
], |
|
||||
|
|
||||
'data': [ |
'data': [ |
||||
'data/ir_config_parameter_data.xml' |
'data/ir_config_parameter_data.xml' |
||||
], |
], |
||||
'installable': False, |
|
||||
|
'installable': True, |
||||
} |
} |
@ -1,6 +1,5 @@ |
|||||
# -*- coding: utf-8 -*- |
# -*- coding: utf-8 -*- |
||||
# (c) 2015 ACSONE SA/NV, Dhinesh D |
# (c) 2015 ACSONE SA/NV, Dhinesh D |
||||
|
|
||||
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl.html). |
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl.html). |
||||
|
|
||||
from . import res_users |
from . import res_users |
||||
|
@ -1,6 +1,4 @@ |
|||||
# -*- coding: utf-8 -*- |
# -*- coding: utf-8 -*- |
||||
# (c) 2015 ACSONE SA/NV, Dhinesh D |
|
||||
|
|
||||
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl.html). |
|
||||
|
|
||||
from . import test_ir_config_parameter |
from . import test_ir_config_parameter |
||||
|
from . import test_res_users |
@ -0,0 +1,108 @@ |
|||||
|
# -*- coding: utf-8 -*- |
||||
|
# Copyright 2016-2017 LasLabs Inc. |
||||
|
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl.html). |
||||
|
|
||||
|
import mock |
||||
|
|
||||
|
from contextlib import contextmanager |
||||
|
|
||||
|
from odoo.tools.misc import mute_logger |
||||
|
from odoo.tests.common import TransactionCase |
||||
|
|
||||
|
|
||||
|
class EndTestException(Exception): |
||||
|
""" It stops tests from continuing """ |
||||
|
pass |
||||
|
|
||||
|
|
||||
|
class TestResUsers(TransactionCase): |
||||
|
|
||||
|
def setUp(self): |
||||
|
super(TestResUsers, self).setUp() |
||||
|
self.ResUsers = self.env['res.users'] |
||||
|
|
||||
|
@contextmanager |
||||
|
def _mock_assets(self, assets=None): |
||||
|
""" It provides mocked imports from res_users.py |
||||
|
:param assets: (list) Name of imports to mock. Mocks `http` if None |
||||
|
:return: (dict) Dictionary of mocks, keyed by module name |
||||
|
""" |
||||
|
if assets is None: |
||||
|
assets = ['http'] |
||||
|
patches = {name: mock.DEFAULT for name in assets} |
||||
|
with mock.patch.multiple( |
||||
|
'odoo.addons.auth_session_timeout.models.res_users', **patches |
||||
|
) as mocks: |
||||
|
yield mocks |
||||
|
|
||||
|
def _auth_timeout_check(self, http_mock): |
||||
|
""" It wraps ``_auth_timeout_check`` for easier calling """ |
||||
|
self.db = mock.MagicMock() |
||||
|
self.uid = mock.MagicMock() |
||||
|
self.passwd = mock.MagicMock() |
||||
|
self.path = '/this/is/a/test/path' |
||||
|
get_filename = http_mock.root.session_store.get_session_filename |
||||
|
get_filename.return_value = self.path |
||||
|
return self.ResUsers._auth_timeout_check() |
||||
|
|
||||
|
def test_session_validity_no_request(self): |
||||
|
""" It should return immediately if no request """ |
||||
|
with self._mock_assets() as assets: |
||||
|
assets['http'].request = False |
||||
|
res = self._auth_timeout_check(assets['http']) |
||||
|
self.assertFalse(res) |
||||
|
|
||||
|
def test_session_validity_gets_session_file(self): |
||||
|
""" It should call get the session file for the session id """ |
||||
|
with self._mock_assets() as assets: |
||||
|
get_params = assets['http'].request.env[''].get_session_parameters |
||||
|
get_params.return_value = 0, [] |
||||
|
store = assets['http'].root.session_store |
||||
|
store.get_session_filename.side_effect = EndTestException |
||||
|
with self.assertRaises(EndTestException): |
||||
|
self._auth_timeout_check(assets['http']) |
||||
|
store.get_session_filename.assert_called_once_with( |
||||
|
assets['http'].request.session.sid, |
||||
|
) |
||||
|
|
||||
|
def test_session_validity_logout(self): |
||||
|
""" It should log out of session if past deadline """ |
||||
|
with self._mock_assets(['http', 'getmtime', 'utime']) as assets: |
||||
|
get_params = assets['http'].request.env[''].get_session_parameters |
||||
|
get_params.return_value = -9999, [] |
||||
|
assets['getmtime'].return_value = 0 |
||||
|
self._auth_timeout_check(assets['http']) |
||||
|
assets['http'].request.session.logout.assert_called_once_with( |
||||
|
keep_db=True, |
||||
|
) |
||||
|
|
||||
|
def test_session_validity_updates_utime(self): |
||||
|
""" It should update utime of session file if not expired """ |
||||
|
with self._mock_assets(['http', 'getmtime', 'utime']) as assets: |
||||
|
get_params = assets['http'].request.env[''].get_session_parameters |
||||
|
get_params.return_value = 9999, [] |
||||
|
self._auth_timeout_check(assets['http']) |
||||
|
assets['utime'].assert_called_once_with( |
||||
|
assets['http'].root.session_store.get_session_filename(), |
||||
|
None, |
||||
|
) |
||||
|
|
||||
|
@mute_logger('odoo.addons.auth_session_timeout.models.res_users') |
||||
|
def test_session_validity_os_error_guard(self): |
||||
|
""" It should properly guard from OSError & return """ |
||||
|
with self._mock_assets(['http', 'utime', 'getmtime']) as assets: |
||||
|
get_params = assets['http'].request.env[''].get_session_parameters |
||||
|
get_params.return_value = 0, [] |
||||
|
assets['getmtime'].side_effect = OSError |
||||
|
res = self._auth_timeout_check(assets['http']) |
||||
|
self.assertFalse(res) |
||||
|
|
||||
|
def test_on_timeout_session_loggedout(self): |
||||
|
with self._mock_assets(['http', 'getmtime']) as assets: |
||||
|
assets['getmtime'].return_value = 0 |
||||
|
assets['http'].request.session.uid = self.env.uid |
||||
|
assets['http'].request.session.dbname = self.env.cr.dbname |
||||
|
assets['http'].request.session.sid = 123 |
||||
|
assets['http'].request.session.logout = mock.Mock() |
||||
|
self.ResUsers._auth_timeout_check() |
||||
|
self.assertTrue(assets['http'].request.session.logout.called) |
Write
Preview
Loading…
Cancel
Save
Reference in new issue