From b4d0924ab92d52c9e8d40e13769c93d0d95bed00 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C5=81ukasz=20Nowak?= <luke@nexedi.com>
Date: Fri, 18 May 2012 16:24:01 +0200
Subject: [PATCH] Cover basic functionality in tests.
---
.../TestTemplateItem/testERP5BearerToken.py | 125 ++++++++++++++++++
bt5/erp5_bearer_token/bt/revision | 2 +-
.../bt/template_test_id_list | 1 +
3 files changed, 127 insertions(+), 1 deletion(-)
create mode 100644 bt5/erp5_bearer_token/TestTemplateItem/testERP5BearerToken.py
create mode 100644 bt5/erp5_bearer_token/bt/template_test_id_list
diff --git a/bt5/erp5_bearer_token/TestTemplateItem/testERP5BearerToken.py b/bt5/erp5_bearer_token/TestTemplateItem/testERP5BearerToken.py
new file mode 100644
index 0000000000..a452d8ac95
--- /dev/null
+++ b/bt5/erp5_bearer_token/TestTemplateItem/testERP5BearerToken.py
@@ -0,0 +1,125 @@
+# Copyright (c) 2002-2012 Nexedi SA and Contributors. All Rights Reserved.
+
+from Products.ERP5Type.tests.ERP5TypeTestCase import ERP5TypeTestCase
+import transaction
+from DateTime import DateTime
+
+class TestERP5BearerToken(ERP5TypeTestCase):
+ """
+ ERP5 Bearer Token extraction
+ """
+
+ test_token_extraction_id = 'bearer_test_extraction'
+
+ def getBusinessTemplateList(self):
+ return ('erp5_base', 'erp5_bearer_token')
+
+ def generateNewId(self):
+ return str(self.portal.portal_ids.generateNewId(
+ id_group=('bearer_token_test_id')))
+
+ def getTokenCredential(self, request):
+ plugin = getattr(self.portal.acl_users, self.test_token_extraction_id)
+ return plugin.extractCredentials(request).get('external_login')
+
+ def createPerson(self, reference):
+ """Creates a person in person module, and returns the object, after
+ indexing is done. """
+ person_module = self.getPersonModule()
+ person = person_module.newContent(portal_type='Person',
+ reference='P' + reference)
+ person.newContent(portal_type = 'Assignment').open()
+ transaction.commit()
+ self.tic()
+ return person
+
+ def setUpBearerTokenKey(self):
+ self.preference = self.portal.portal_preferences.newContent(
+ portal_type='System Preference',
+ priority=1,
+ preferred_bearer_token_key=self.test_id)
+ self.preference.enable()
+ transaction.commit()
+ self.tic()
+
+ def setupBearerExtraction(self):
+ pas = self.portal.acl_users
+ bearer_extraction_list = [q for q in pas.objectValues() \
+ if q.meta_type == 'ERP5 Bearer Extraction Plugin']
+ if len(bearer_extraction_list) == 0:
+ dispacher = pas.manage_addProduct['ERP5Security']
+ dispacher.addERP5BearerExtractionPlugin(self.test_token_extraction_id)
+ getattr(pas, self.test_token_extraction_id).manage_activateInterfaces(
+ ('IExtractionPlugin',))
+ elif len(bearer_extraction_list) > 1:
+ raise ValueError
+ transaction.commit()
+
+ def afterSetUp(self):
+ """
+ This is ran before anything, used to set the environment
+ """
+ self.portal = self.getPortalObject()
+ self.test_id = self.generateNewId()
+ self.person = self.createPerson(self.test_id)
+ self.setUpBearerTokenKey()
+ self.setupBearerExtraction()
+ transaction.commit()
+ self.tic()
+
+ def beforeTearDown(self):
+ self.portal.portal_preferences.deleteContent(self.preference.getId())
+ transaction.commit()
+ self.tic()
+
+ def test_working_token(self):
+ token, expiration_time = self.person.Person_getBearerToken()
+ self.portal.REQUEST._auth = 'Bearer %s' % token
+ reference = self.getTokenCredential(self.portal.REQUEST)
+ self.assertEqual(reference, self.person.getReference())
+
+ def test_different_user_agent(self):
+ token, expiration_time = self.person.Person_getBearerToken()
+ self.portal.REQUEST._auth = 'Bearer %s' % token
+ self.portal.REQUEST.environ['USER_AGENT'] = 'different user agent'
+ reference = self.getTokenCredential(self.portal.REQUEST)
+ self.assertEqual(reference, None)
+
+ def test_different_remote_addr(self):
+ token, expiration_time = self.person.Person_getBearerToken()
+ self.portal.REQUEST._auth = 'Bearer %s' % token
+ self.portal.REQUEST.environ['REMOTE_ADDR'] = 'different remote addr'
+ reference = self.getTokenCredential(self.portal.REQUEST)
+ self.assertEqual(reference, None)
+
+ def test_no_bearer_token_key(self):
+ self.preference.edit(preferred_bearer_token_key='')
+ transaction.commit()
+ self.tic()
+ transaction.commit()
+ self.assertRaises(ValueError, self.person.Person_getBearerToken)
+
+ def test_changed_bearer_token_key(self):
+ token, expiration_time = self.person.Person_getBearerToken()
+ self.portal.REQUEST._auth = 'Bearer %s' % token
+ self.preference.edit(preferred_bearer_token_key='changed')
+ transaction.commit()
+ self.tic()
+ reference = self.getTokenCredential(self.portal.REQUEST)
+ self.assertEqual(reference, None)
+
+ def test_expired_token(self):
+ # create expired token
+ # as everything in scripts is publishable and for now logic is in scripts
+ # they are not allowing to pass arguments, so lets hack in test
+ token = {
+ 'expiration_timestamp': DateTime()-1,
+ 'reference': self.person.getReference(),
+ 'user-agent': self.portal.REQUEST.getHeader('User-Agent'),
+ 'remote-addr': self.portal.REQUEST.get('REMOTE_ADDR')
+ }
+ hmac = self.portal.Base_getHMAC(self.portal.Base_getBearerTokenKey(), str(
+ token))
+ self.portal.Base_setBearerToken(hmac, token)
+ reference = self.getTokenCredential(self.portal.REQUEST)
+ self.assertEqual(reference, None)
diff --git a/bt5/erp5_bearer_token/bt/revision b/bt5/erp5_bearer_token/bt/revision
index f11c82a4cb..9a037142aa 100644
--- a/bt5/erp5_bearer_token/bt/revision
+++ b/bt5/erp5_bearer_token/bt/revision
@@ -1 +1 @@
-9
\ No newline at end of file
+10
\ No newline at end of file
diff --git a/bt5/erp5_bearer_token/bt/template_test_id_list b/bt5/erp5_bearer_token/bt/template_test_id_list
new file mode 100644
index 0000000000..e9ec688230
--- /dev/null
+++ b/bt5/erp5_bearer_token/bt/template_test_id_list
@@ -0,0 +1 @@
+testERP5BearerToken
\ No newline at end of file
--
GitLab