Coverage for cc_modules/tests/cc_pyramid_tests.py: 27%
56 statements
« prev ^ index » next coverage.py v6.5.0, created at 2022-11-08 23:14 +0000
« prev ^ index » next coverage.py v6.5.0, created at 2022-11-08 23:14 +0000
1#!/usr/bin/env python
3"""
4camcops_server/cc_modules/tests/cc_pyramid_tests.py
6===============================================================================
8 Copyright (C) 2012, University of Cambridge, Department of Psychiatry.
9 Created by Rudolf Cardinal (rnc1001@cam.ac.uk).
11 This file is part of CamCOPS.
13 CamCOPS is free software: you can redistribute it and/or modify
14 it under the terms of the GNU General Public License as published by
15 the Free Software Foundation, either version 3 of the License, or
16 (at your option) any later version.
18 CamCOPS is distributed in the hope that it will be useful,
19 but WITHOUT ANY WARRANTY; without even the implied warranty of
20 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21 GNU General Public License for more details.
23 You should have received a copy of the GNU General Public License
24 along with CamCOPS. If not, see <https://www.gnu.org/licenses/>.
26===============================================================================
28"""
31from pyramid.security import Authenticated, Everyone
33from camcops_server.cc_modules.cc_constants import MfaMethod
34from camcops_server.cc_modules.cc_pyramid import (
35 CamcopsAuthenticationPolicy,
36 Permission,
37)
38from camcops_server.cc_modules.cc_unittest import BasicDatabaseTestCase
41class CamcopsAuthenticationPolicyTests(BasicDatabaseTestCase):
42 def setUp(self) -> None:
43 super().setUp()
45 def test_principals_for_no_user(self) -> None:
46 self.req._debugging_user = None
47 self.assertEqual(
48 CamcopsAuthenticationPolicy.effective_principals(self.req),
49 [Everyone],
50 )
52 def test_principals_for_authenticated_user(self) -> None:
53 user = self.create_user(username="test")
54 self.dbsession.flush()
56 self.req._debugging_user = user
57 self.assertIn(
58 Authenticated,
59 CamcopsAuthenticationPolicy.effective_principals(self.req),
60 )
61 self.assertIn(
62 f"u:{user.id}",
63 CamcopsAuthenticationPolicy.effective_principals(self.req),
64 )
66 def test_principals_when_user_must_change_pasword(self) -> None:
67 user = self.create_user(username="test", must_change_password=True)
68 self.dbsession.flush()
69 self.create_membership(user, self.group, may_use_webviewer=True)
71 self.req._debugging_user = user
72 self.assertIn(
73 Permission.MUST_CHANGE_PASSWORD,
74 CamcopsAuthenticationPolicy.effective_principals(self.req),
75 )
77 def test_principals_when_user_must_set_up_mfa(self) -> None:
78 user = self.create_user(username="test", mfa_method=MfaMethod.NO_MFA)
79 user.agree_terms(self.req)
80 self.dbsession.flush()
81 self.create_membership(user, self.group, may_use_webviewer=True)
83 self.req._debugging_user = user
84 self.req.config.mfa_methods = [MfaMethod.HOTP_EMAIL]
85 self.assertIn(
86 Permission.MUST_SET_MFA,
87 CamcopsAuthenticationPolicy.effective_principals(self.req),
88 )
90 def test_principals_when_user_must_agree_terms(self) -> None:
91 user = self.create_user(username="test", when_agreed_terms_of_use=None)
92 self.dbsession.flush()
93 self.create_membership(user, self.group, may_use_webviewer=True)
95 self.req._debugging_user = user
96 self.assertIn(
97 Permission.MUST_AGREE_TERMS,
98 CamcopsAuthenticationPolicy.effective_principals(self.req),
99 )
101 def test_principals_when_everything_ok(self) -> None:
102 user = self.create_user(username="test", mfa_method=MfaMethod.NO_MFA)
103 user.agree_terms(self.req)
104 self.dbsession.flush()
105 self.create_membership(user, self.group, may_use_webviewer=True)
107 self.req._debugging_user = user
108 self.req.config.mfa_methods = [MfaMethod.NO_MFA]
109 self.assertIn(
110 Permission.HAPPY,
111 CamcopsAuthenticationPolicy.effective_principals(self.req),
112 )
114 def test_principals_for_superuser(self) -> None:
115 user = self.create_user(username="test", superuser=True)
116 self.dbsession.flush()
118 self.req._debugging_user = user
119 self.assertIn(
120 Permission.SUPERUSER,
121 CamcopsAuthenticationPolicy.effective_principals(self.req),
122 )
124 def test_principals_for_groupadmin(self) -> None:
125 user = self.create_user(username="test")
126 self.dbsession.flush()
127 self.create_membership(user, self.group, groupadmin=True)
129 self.req._debugging_user = user
130 self.assertIn(
131 Permission.GROUPADMIN,
132 CamcopsAuthenticationPolicy.effective_principals(self.req),
133 )