You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
270 lines
9.6 KiB
270 lines
9.6 KiB
# -*- coding: utf-8 -*-
|
|
# Copyright 2016 SYLEAM
|
|
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
|
|
|
|
from datetime import datetime, timedelta
|
|
from openerp import fields, exceptions
|
|
from openerp.tests.common import TransactionCase
|
|
|
|
|
|
class TestOAuthProviderToken(TransactionCase):
|
|
|
|
def setUp(self):
|
|
super(TestOAuthProviderToken, self).setUp()
|
|
self.client = self.env['oauth.provider.client'].create({
|
|
'name': 'Client',
|
|
'identifier': 'client',
|
|
})
|
|
self.token_vals = {
|
|
'user_id': self.env.user.id,
|
|
'client_id': self.client.id,
|
|
'token': 'token',
|
|
'expires_at': fields.Datetime.now(),
|
|
}
|
|
self.filter = self.env['ir.filters'].create({
|
|
'name': 'Current user',
|
|
'model_id': 'res.users',
|
|
'domain': "[('id', '=', uid)]",
|
|
})
|
|
self.scope_vals = {
|
|
'name': 'Scope',
|
|
'code': 'scope',
|
|
'description': 'Description of the scope',
|
|
'model_id': self.env.ref('base.model_res_users').id,
|
|
'filter_id': self.filter.id,
|
|
'field_ids': [
|
|
(6, 0, [self.env.ref('base.field_res_users_email').id]),
|
|
],
|
|
}
|
|
|
|
def new_token(self, vals=None):
|
|
values = self.token_vals
|
|
if vals is not None:
|
|
values.update(vals)
|
|
|
|
return self.env['oauth.provider.token'].create(values)
|
|
|
|
def new_scope(self, vals=None):
|
|
values = self.scope_vals
|
|
if vals is not None:
|
|
values.update(vals)
|
|
|
|
return self.env['oauth.provider.scope'].create(values)
|
|
|
|
def test_inactive(self):
|
|
""" Check the value of the active field, for an expired token """
|
|
not_expired = datetime.now() + timedelta(days=1)
|
|
token = self.new_token(vals={
|
|
'token': 'Active',
|
|
'expires_at': fields.Datetime.to_string(not_expired),
|
|
})
|
|
self.assertEqual(token.active, True)
|
|
|
|
def test_active(self):
|
|
""" Check the value of the active field, for a not expired token """
|
|
expired = datetime.now() - timedelta(minutes=1)
|
|
token = self.new_token(vals={
|
|
'token': 'Not active',
|
|
'expires_at': fields.Datetime.to_string(expired),
|
|
})
|
|
self.assertEqual(token.active, False)
|
|
|
|
def _generate_tokens_for_active_search(self):
|
|
not_expired = datetime.now() + timedelta(days=1)
|
|
not_expired_tokens = self.new_token(vals={
|
|
'token': 'Not expired',
|
|
'expires_at': fields.Datetime.to_string(not_expired),
|
|
})
|
|
not_expired_tokens += not_expired_tokens.copy(default={
|
|
'token': 'Other not expired',
|
|
})
|
|
|
|
expired = datetime.now() - timedelta(minutes=1)
|
|
expired_tokens = self.new_token(vals={
|
|
'token': 'Expired',
|
|
'expires_at': fields.Datetime.to_string(expired),
|
|
})
|
|
expired_tokens += expired_tokens.copy(default={
|
|
'token': 'Other expired',
|
|
})
|
|
|
|
return expired_tokens, not_expired_tokens
|
|
|
|
def test_search_empty_domain(self):
|
|
""" Check the results of searching tokens with an empty domain
|
|
|
|
Only active tokens should be returned
|
|
"""
|
|
token_obj = self.env['oauth.provider.token']
|
|
expired_tokens, not_expired_tokens = \
|
|
self._generate_tokens_for_active_search()
|
|
|
|
self.assertEqual(token_obj.search([]), not_expired_tokens)
|
|
|
|
def test_active_search_equal_true(self):
|
|
""" Check the results of searching tokens with explicit active = True domain
|
|
"""
|
|
token_obj = self.env['oauth.provider.token']
|
|
expired_tokens, not_expired_tokens = \
|
|
self._generate_tokens_for_active_search()
|
|
|
|
self.assertEqual(token_obj.search([
|
|
('active', '=', True),
|
|
]), not_expired_tokens)
|
|
|
|
def test_active_search_equal_false(self):
|
|
""" Check the results of searching tokens with active = False domain
|
|
"""
|
|
token_obj = self.env['oauth.provider.token']
|
|
expired_tokens, not_expired_tokens = \
|
|
self._generate_tokens_for_active_search()
|
|
|
|
self.assertEqual(token_obj.search([
|
|
('active', '=', False),
|
|
]), expired_tokens)
|
|
|
|
def test_active_search_not_equal_true(self):
|
|
""" Check the results of searching tokens with active != True domain
|
|
"""
|
|
token_obj = self.env['oauth.provider.token']
|
|
expired_tokens, not_expired_tokens = \
|
|
self._generate_tokens_for_active_search()
|
|
|
|
self.assertEqual(token_obj.search([
|
|
('active', '!=', True),
|
|
]), expired_tokens)
|
|
|
|
def test_active_search_not_equal_false(self):
|
|
""" Check the results of searching tokens with active != False domain
|
|
"""
|
|
token_obj = self.env['oauth.provider.token']
|
|
expired_tokens, not_expired_tokens = \
|
|
self._generate_tokens_for_active_search()
|
|
|
|
self.assertEqual(token_obj.search([
|
|
('active', '!=', False),
|
|
]), not_expired_tokens)
|
|
|
|
def test_active_search_in_true(self):
|
|
""" Check the results of searching tokens with active in (True,) domain
|
|
"""
|
|
token_obj = self.env['oauth.provider.token']
|
|
expired_tokens, not_expired_tokens = \
|
|
self._generate_tokens_for_active_search()
|
|
|
|
self.assertEqual(token_obj.search([
|
|
('active', 'in', (True,)),
|
|
]), not_expired_tokens)
|
|
|
|
def test_active_search_in_false(self):
|
|
""" Check the results of searching tokens with active in (False,) domain
|
|
"""
|
|
token_obj = self.env['oauth.provider.token']
|
|
expired_tokens, not_expired_tokens = \
|
|
self._generate_tokens_for_active_search()
|
|
|
|
self.assertEqual(token_obj.search([
|
|
('active', 'in', (False,)),
|
|
]), expired_tokens)
|
|
|
|
def test_active_search_not_in_true(self):
|
|
""" Check the results of searching tokens with active not in (True,) domain
|
|
"""
|
|
token_obj = self.env['oauth.provider.token']
|
|
expired_tokens, not_expired_tokens = \
|
|
self._generate_tokens_for_active_search()
|
|
|
|
self.assertEqual(token_obj.search([
|
|
('active', 'not in', (True,)),
|
|
]), expired_tokens)
|
|
|
|
def test_active_search_not_in_false(self):
|
|
""" Check the results of searching tokens with active not in (False,) domain
|
|
"""
|
|
token_obj = self.env['oauth.provider.token']
|
|
expired_tokens, not_expired_tokens = \
|
|
self._generate_tokens_for_active_search()
|
|
|
|
self.assertEqual(token_obj.search([
|
|
('active', 'not in', (False,)),
|
|
]), not_expired_tokens)
|
|
|
|
def test_active_search_in_true_false(self):
|
|
""" Check the results of searching tokens with active in (True, False) domain
|
|
"""
|
|
token_obj = self.env['oauth.provider.token']
|
|
expired_tokens, not_expired_tokens = \
|
|
self._generate_tokens_for_active_search()
|
|
|
|
self.assertEqual(token_obj.search([
|
|
('active', 'in', (True, False)),
|
|
]), not_expired_tokens + expired_tokens)
|
|
|
|
def test_active_search_not_in_true_false(self):
|
|
""" Check the results of searching tokens with active notin (True,False) domain
|
|
"""
|
|
token_obj = self.env['oauth.provider.token']
|
|
expired_tokens, not_expired_tokens = \
|
|
self._generate_tokens_for_active_search()
|
|
|
|
self.assertEqual(token_obj.search([
|
|
('active', 'not in', (True, False)),
|
|
]), token_obj)
|
|
|
|
def test_active_search_invalid_operator(self):
|
|
""" Check the results of searching tokens with an invalid operatr in domain
|
|
"""
|
|
token_obj = self.env['oauth.provider.token']
|
|
expired_tokens, not_expired_tokens = \
|
|
self._generate_tokens_for_active_search()
|
|
|
|
with self.assertRaises(exceptions.UserError):
|
|
token_obj.search([('active', '>', True)])
|
|
|
|
def test_get_data_from_model_with_at_least_one_scope_matching(self):
|
|
""" Check the values returned by the get_data_for_model method with
|
|
at least one scope matching the data
|
|
"""
|
|
scopes = self.new_scope()
|
|
scopes += self.new_scope({
|
|
'code': 'All users',
|
|
'filter_id': False,
|
|
})
|
|
token = self.new_token(vals={
|
|
'scope_ids': [(6, 0, scopes.ids)],
|
|
})
|
|
|
|
# Check a simple call with the right model with empty fields
|
|
data = token.get_data_for_model('res.users')
|
|
self.assertEqual(
|
|
sorted(data.keys()), sorted(self.env['res.users'].search([]).ids))
|
|
|
|
def test_get_data_from_model_with_all_scopes_matching(self):
|
|
""" Check the values returned by the get_data_for_model method with
|
|
all scopes required to match the data
|
|
"""
|
|
scopes = self.new_scope()
|
|
scopes += self.new_scope({
|
|
'code': 'All users',
|
|
'filter_id': False,
|
|
})
|
|
token = self.new_token(vals={
|
|
'scope_ids': [(6, 0, scopes.ids)],
|
|
})
|
|
|
|
# Check a simple call with the right model without empty fields
|
|
data = token.get_data_for_model('res.users', all_scopes_match=True)
|
|
self.assertEqual(data, {self.env.user.id: {
|
|
'id': 1,
|
|
'email': self.env.user.email,
|
|
}})
|
|
|
|
def test_get_data_from_model_with_no_scope_matching(self):
|
|
""" Check the values returned by the get_data_for_model method with
|
|
an unauthorized model
|
|
"""
|
|
token = self.new_token()
|
|
|
|
# Check a simple call with a wrong model
|
|
data = token.get_data_for_model('res.partner')
|
|
self.assertEqual(data, {})
|