Browse Source
Merge pull request #580 from LasLabs/release/10.0/auth_session_timeout
Merge pull request #580 from LasLabs/release/10.0/auth_session_timeout
[MIG][10.0] auth_session_timeoutpull/1044/head
Pedro M. Baeza
7 years ago
committed by
GitHub
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
12 changed files with 337 additions and 102 deletions
-
6.travis.yml
-
44auth_session_timeout/README.rst
-
1auth_session_timeout/__init__.py
-
19auth_session_timeout/__manifest__.py
-
23auth_session_timeout/data/ir_config_parameter_data.xml
-
1auth_session_timeout/models/__init__.py
-
44auth_session_timeout/models/ir_config_parameter.py
-
119auth_session_timeout/models/res_users.py
-
4auth_session_timeout/tests/__init__.py
-
66auth_session_timeout/tests/test_ir_config_parameter.py
-
108auth_session_timeout/tests/test_res_users.py
-
4base_external_system/tests/common.py
@ -1,6 +1,5 @@ |
|||
# -*- coding: utf-8 -*- |
|||
# (c) 2015 ACSONE SA/NV, Dhinesh D |
|||
|
|||
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl.html). |
|||
|
|||
from . import models |
@ -1,28 +1,23 @@ |
|||
# -*- coding: utf-8 -*- |
|||
# (c) 2015 ACSONE SA/NV, Dhinesh D |
|||
|
|||
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl.html). |
|||
|
|||
{ |
|||
'name': "Inactive Sessions Timeout", |
|||
|
|||
'summary': """ |
|||
This module disable all inactive sessions since a given delay""", |
|||
|
|||
'author': "ACSONE SA/NV, Dhinesh D, Odoo Community Association (OCA)", |
|||
'author': "ACSONE SA/NV, " |
|||
"Dhinesh D, " |
|||
"Jesse Morgan, " |
|||
"LasLabs, " |
|||
"Odoo Community Association (OCA)", |
|||
'maintainer': 'Odoo Community Association (OCA)', |
|||
'website': "http://acsone.eu", |
|||
|
|||
'category': 'Tools', |
|||
'version': '9.0.1.0.0', |
|||
'version': '10.0.1.0.0', |
|||
'license': 'AGPL-3', |
|||
|
|||
'depends': [ |
|||
'base', |
|||
], |
|||
|
|||
'data': [ |
|||
'data/ir_config_parameter_data.xml' |
|||
], |
|||
'installable': False, |
|||
'installable': True, |
|||
} |
@ -1,6 +1,5 @@ |
|||
# -*- coding: utf-8 -*- |
|||
# (c) 2015 ACSONE SA/NV, Dhinesh D |
|||
|
|||
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl.html). |
|||
|
|||
from . import res_users |
|||
|
@ -1,6 +1,4 @@ |
|||
# -*- coding: utf-8 -*- |
|||
# (c) 2015 ACSONE SA/NV, Dhinesh D |
|||
|
|||
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl.html). |
|||
|
|||
from . import test_ir_config_parameter |
|||
from . import test_res_users |
@ -0,0 +1,108 @@ |
|||
# -*- coding: utf-8 -*- |
|||
# Copyright 2016-2017 LasLabs Inc. |
|||
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl.html). |
|||
|
|||
import mock |
|||
|
|||
from contextlib import contextmanager |
|||
|
|||
from odoo.tools.misc import mute_logger |
|||
from odoo.tests.common import TransactionCase |
|||
|
|||
|
|||
class EndTestException(Exception): |
|||
""" It stops tests from continuing """ |
|||
pass |
|||
|
|||
|
|||
class TestResUsers(TransactionCase): |
|||
|
|||
def setUp(self): |
|||
super(TestResUsers, self).setUp() |
|||
self.ResUsers = self.env['res.users'] |
|||
|
|||
@contextmanager |
|||
def _mock_assets(self, assets=None): |
|||
""" It provides mocked imports from res_users.py |
|||
:param assets: (list) Name of imports to mock. Mocks `http` if None |
|||
:return: (dict) Dictionary of mocks, keyed by module name |
|||
""" |
|||
if assets is None: |
|||
assets = ['http'] |
|||
patches = {name: mock.DEFAULT for name in assets} |
|||
with mock.patch.multiple( |
|||
'odoo.addons.auth_session_timeout.models.res_users', **patches |
|||
) as mocks: |
|||
yield mocks |
|||
|
|||
def _auth_timeout_check(self, http_mock): |
|||
""" It wraps ``_auth_timeout_check`` for easier calling """ |
|||
self.db = mock.MagicMock() |
|||
self.uid = mock.MagicMock() |
|||
self.passwd = mock.MagicMock() |
|||
self.path = '/this/is/a/test/path' |
|||
get_filename = http_mock.root.session_store.get_session_filename |
|||
get_filename.return_value = self.path |
|||
return self.ResUsers._auth_timeout_check() |
|||
|
|||
def test_session_validity_no_request(self): |
|||
""" It should return immediately if no request """ |
|||
with self._mock_assets() as assets: |
|||
assets['http'].request = False |
|||
res = self._auth_timeout_check(assets['http']) |
|||
self.assertFalse(res) |
|||
|
|||
def test_session_validity_gets_session_file(self): |
|||
""" It should call get the session file for the session id """ |
|||
with self._mock_assets() as assets: |
|||
get_params = assets['http'].request.env[''].get_session_parameters |
|||
get_params.return_value = 0, [] |
|||
store = assets['http'].root.session_store |
|||
store.get_session_filename.side_effect = EndTestException |
|||
with self.assertRaises(EndTestException): |
|||
self._auth_timeout_check(assets['http']) |
|||
store.get_session_filename.assert_called_once_with( |
|||
assets['http'].request.session.sid, |
|||
) |
|||
|
|||
def test_session_validity_logout(self): |
|||
""" It should log out of session if past deadline """ |
|||
with self._mock_assets(['http', 'getmtime', 'utime']) as assets: |
|||
get_params = assets['http'].request.env[''].get_session_parameters |
|||
get_params.return_value = -9999, [] |
|||
assets['getmtime'].return_value = 0 |
|||
self._auth_timeout_check(assets['http']) |
|||
assets['http'].request.session.logout.assert_called_once_with( |
|||
keep_db=True, |
|||
) |
|||
|
|||
def test_session_validity_updates_utime(self): |
|||
""" It should update utime of session file if not expired """ |
|||
with self._mock_assets(['http', 'getmtime', 'utime']) as assets: |
|||
get_params = assets['http'].request.env[''].get_session_parameters |
|||
get_params.return_value = 9999, [] |
|||
self._auth_timeout_check(assets['http']) |
|||
assets['utime'].assert_called_once_with( |
|||
assets['http'].root.session_store.get_session_filename(), |
|||
None, |
|||
) |
|||
|
|||
@mute_logger('odoo.addons.auth_session_timeout.models.res_users') |
|||
def test_session_validity_os_error_guard(self): |
|||
""" It should properly guard from OSError & return """ |
|||
with self._mock_assets(['http', 'utime', 'getmtime']) as assets: |
|||
get_params = assets['http'].request.env[''].get_session_parameters |
|||
get_params.return_value = 0, [] |
|||
assets['getmtime'].side_effect = OSError |
|||
res = self._auth_timeout_check(assets['http']) |
|||
self.assertFalse(res) |
|||
|
|||
def test_on_timeout_session_loggedout(self): |
|||
with self._mock_assets(['http', 'getmtime']) as assets: |
|||
assets['getmtime'].return_value = 0 |
|||
assets['http'].request.session.uid = self.env.uid |
|||
assets['http'].request.session.dbname = self.env.cr.dbname |
|||
assets['http'].request.session.sid = 123 |
|||
assets['http'].request.session.logout = mock.Mock() |
|||
self.ResUsers._auth_timeout_check() |
|||
self.assertTrue(assets['http'].request.session.logout.called) |
Write
Preview
Loading…
Cancel
Save
Reference in new issue