You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
103 lines
3.4 KiB
103 lines
3.4 KiB
# -*- coding: utf-8 -*-
|
|
# Copyright 2017 Camptocamp
|
|
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl)
|
|
|
|
from odoo.tests.common import SavepointCase
|
|
from odoo import exceptions
|
|
import json
|
|
|
|
|
|
class TestMultiToken(SavepointCase):
|
|
|
|
post_install = True
|
|
at_install = False
|
|
|
|
@classmethod
|
|
def setUpClass(cls):
|
|
super(TestMultiToken, cls).setUpClass()
|
|
cls.token_model = cls.env['auth.oauth.multi.token']
|
|
cls.provider_google = cls.env.ref('auth_oauth.provider_google')
|
|
cls.user_model = cls.env['res.users'].with_context({
|
|
'tracking_disable': True,
|
|
'no_reset_password': True,
|
|
})
|
|
cls.user = cls.user_model.create({
|
|
'name': 'John Doe',
|
|
'login': 'johndoe',
|
|
'oauth_uid': 'oauth_uid_johndoe',
|
|
'oauth_provider_id': cls.provider_google.id,
|
|
})
|
|
|
|
def _fake_params(self, **kw):
|
|
params = {
|
|
'state': json.dumps({'t': 'FAKE_TOKEN'}),
|
|
'access_token': 'FAKE_ACCESS_TOKEN',
|
|
}
|
|
params.update(kw)
|
|
return params
|
|
|
|
def test_no_provider_no_access(self):
|
|
validation = {
|
|
'user_id': 'oauth_uid_no_one',
|
|
}
|
|
params = self._fake_params()
|
|
with self.assertRaises(exceptions.AccessDenied):
|
|
self.user_model._auth_oauth_signin(
|
|
self.provider_google.id, validation, params
|
|
)
|
|
|
|
def _test_one_token(self):
|
|
validation = {
|
|
'user_id': 'oauth_uid_johndoe',
|
|
}
|
|
params = self._fake_params()
|
|
login = self.user_model._auth_oauth_signin(
|
|
self.provider_google.id, validation, params
|
|
)
|
|
self.assertEqual(login, 'johndoe')
|
|
|
|
def test_access_one_token(self):
|
|
# no token yet
|
|
self.assertFalse(self.user.oauth_access_token_ids)
|
|
self._test_one_token()
|
|
token_count = 1
|
|
self.assertEqual(
|
|
len(self.user.oauth_access_token_ids),
|
|
token_count)
|
|
self.assertEqual(
|
|
len(self.token_model._oauth_user_tokens(self.user.id)),
|
|
token_count)
|
|
|
|
def test_access_multi_token(self):
|
|
# no token yet
|
|
self.assertFalse(self.user.oauth_access_token_ids)
|
|
# use as many token as max allowed
|
|
for token_count in range(1, self.user.oauth_access_max_token + 1):
|
|
self._test_one_token()
|
|
self.assertEqual(
|
|
len(self.user.oauth_access_token_ids),
|
|
token_count)
|
|
self.assertEqual(
|
|
len(self.token_model._oauth_user_tokens(self.user.id)),
|
|
token_count)
|
|
# exceed the number
|
|
self._test_one_token()
|
|
# token count match max number + 1
|
|
self.assertEqual(
|
|
len(self.user.oauth_access_token_ids),
|
|
self.user.oauth_access_max_token + 1)
|
|
# but active tokens don't
|
|
self.assertEqual(
|
|
len(self.token_model._oauth_user_tokens(self.user.id)),
|
|
self.user.oauth_access_max_token)
|
|
|
|
def test_remove_oauth_access_token(self):
|
|
res = self.user._get_session_token_fields()
|
|
self.assertFalse('oauth_access_token' in res)
|
|
self.assertTrue('oauth_master_uuid' in res)
|
|
|
|
def test_action_oauth_clear_token(self):
|
|
self.user.action_oauth_clear_token()
|
|
active_token = self.user.oauth_access_token_ids.filtered(
|
|
lambda x: x.active_token)
|
|
self.assertEqual(len(active_token), 0)
|