Coverage for cc_modules/tests/cc_pyramid_tests.py: 27%

56 statements  

« prev     ^ index     » next       coverage.py v6.5.0, created at 2022-11-08 23:14 +0000

1#!/usr/bin/env python 

2 

3""" 

4camcops_server/cc_modules/tests/cc_pyramid_tests.py 

5 

6=============================================================================== 

7 

8 Copyright (C) 2012, University of Cambridge, Department of Psychiatry. 

9 Created by Rudolf Cardinal (rnc1001@cam.ac.uk). 

10 

11 This file is part of CamCOPS. 

12 

13 CamCOPS is free software: you can redistribute it and/or modify 

14 it under the terms of the GNU General Public License as published by 

15 the Free Software Foundation, either version 3 of the License, or 

16 (at your option) any later version. 

17 

18 CamCOPS is distributed in the hope that it will be useful, 

19 but WITHOUT ANY WARRANTY; without even the implied warranty of 

20 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 

21 GNU General Public License for more details. 

22 

23 You should have received a copy of the GNU General Public License 

24 along with CamCOPS. If not, see <https://www.gnu.org/licenses/>. 

25 

26=============================================================================== 

27 

28""" 

29 

30 

31from pyramid.security import Authenticated, Everyone 

32 

33from camcops_server.cc_modules.cc_constants import MfaMethod 

34from camcops_server.cc_modules.cc_pyramid import ( 

35 CamcopsAuthenticationPolicy, 

36 Permission, 

37) 

38from camcops_server.cc_modules.cc_unittest import BasicDatabaseTestCase 

39 

40 

41class CamcopsAuthenticationPolicyTests(BasicDatabaseTestCase): 

42 def setUp(self) -> None: 

43 super().setUp() 

44 

45 def test_principals_for_no_user(self) -> None: 

46 self.req._debugging_user = None 

47 self.assertEqual( 

48 CamcopsAuthenticationPolicy.effective_principals(self.req), 

49 [Everyone], 

50 ) 

51 

52 def test_principals_for_authenticated_user(self) -> None: 

53 user = self.create_user(username="test") 

54 self.dbsession.flush() 

55 

56 self.req._debugging_user = user 

57 self.assertIn( 

58 Authenticated, 

59 CamcopsAuthenticationPolicy.effective_principals(self.req), 

60 ) 

61 self.assertIn( 

62 f"u:{user.id}", 

63 CamcopsAuthenticationPolicy.effective_principals(self.req), 

64 ) 

65 

66 def test_principals_when_user_must_change_pasword(self) -> None: 

67 user = self.create_user(username="test", must_change_password=True) 

68 self.dbsession.flush() 

69 self.create_membership(user, self.group, may_use_webviewer=True) 

70 

71 self.req._debugging_user = user 

72 self.assertIn( 

73 Permission.MUST_CHANGE_PASSWORD, 

74 CamcopsAuthenticationPolicy.effective_principals(self.req), 

75 ) 

76 

77 def test_principals_when_user_must_set_up_mfa(self) -> None: 

78 user = self.create_user(username="test", mfa_method=MfaMethod.NO_MFA) 

79 user.agree_terms(self.req) 

80 self.dbsession.flush() 

81 self.create_membership(user, self.group, may_use_webviewer=True) 

82 

83 self.req._debugging_user = user 

84 self.req.config.mfa_methods = [MfaMethod.HOTP_EMAIL] 

85 self.assertIn( 

86 Permission.MUST_SET_MFA, 

87 CamcopsAuthenticationPolicy.effective_principals(self.req), 

88 ) 

89 

90 def test_principals_when_user_must_agree_terms(self) -> None: 

91 user = self.create_user(username="test", when_agreed_terms_of_use=None) 

92 self.dbsession.flush() 

93 self.create_membership(user, self.group, may_use_webviewer=True) 

94 

95 self.req._debugging_user = user 

96 self.assertIn( 

97 Permission.MUST_AGREE_TERMS, 

98 CamcopsAuthenticationPolicy.effective_principals(self.req), 

99 ) 

100 

101 def test_principals_when_everything_ok(self) -> None: 

102 user = self.create_user(username="test", mfa_method=MfaMethod.NO_MFA) 

103 user.agree_terms(self.req) 

104 self.dbsession.flush() 

105 self.create_membership(user, self.group, may_use_webviewer=True) 

106 

107 self.req._debugging_user = user 

108 self.req.config.mfa_methods = [MfaMethod.NO_MFA] 

109 self.assertIn( 

110 Permission.HAPPY, 

111 CamcopsAuthenticationPolicy.effective_principals(self.req), 

112 ) 

113 

114 def test_principals_for_superuser(self) -> None: 

115 user = self.create_user(username="test", superuser=True) 

116 self.dbsession.flush() 

117 

118 self.req._debugging_user = user 

119 self.assertIn( 

120 Permission.SUPERUSER, 

121 CamcopsAuthenticationPolicy.effective_principals(self.req), 

122 ) 

123 

124 def test_principals_for_groupadmin(self) -> None: 

125 user = self.create_user(username="test") 

126 self.dbsession.flush() 

127 self.create_membership(user, self.group, groupadmin=True) 

128 

129 self.req._debugging_user = user 

130 self.assertIn( 

131 Permission.GROUPADMIN, 

132 CamcopsAuthenticationPolicy.effective_principals(self.req), 

133 )