Mercurial > moin > 1.9
changeset 3099:42f0eb176c8e
tests: add wsgi-based auth/session tests for moin_login, http, moin_session, moin_anon_session
author | Thomas Waldmann <tw AT waldmann-edv DOT de> |
---|---|
date | Sun, 10 Feb 2008 03:13:18 +0100 |
parents | a67e104828d1 |
children | 55e47727656f |
files | MoinMoin/auth/_tests/test_auth.py |
diffstat | 1 files changed, 245 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/MoinMoin/auth/_tests/test_auth.py Sun Feb 10 03:13:18 2008 +0100 @@ -0,0 +1,245 @@ +# -*- coding: utf-8 -*- +""" + MoinMoin - MoinMoin.auth and session tests + + @copyright: 2008 MoinMoin:ThomasWaldmann + @license: GNU GPL, see COPYING for details. +""" + +import logging, StringIO, urllib + +from MoinMoin.server.server_wsgi import WsgiConfig +from MoinMoin.request import request_wsgi + + +class TestAuth: + """ test misc. auth methods """ + PAGES = ['FrontPage', 'MoinMoin', 'HelpContents', 'WikiSandBox', ] # must all exist! + + def setup_class(cls): + """ Stuff that should be run to init the state of this test class + + Some test needs specific config values, or they will fail. + """ + config = WsgiConfig() # you MUST create an instance to initialize logging! + + def teardown_class(cls): + """ Stuff that should run to clean up the state of this test class + + """ + pass + + def setup_env(self, **kw): + default_environ = { + 'SERVER_NAME': 'localhost', + 'SERVER_PORT': '80', + 'SCRIPT_NAME': '', + 'PATH_INFO': '/', + 'QUERY_STRING': '', + 'REQUEST_METHOD': 'GET', + 'REMOTE_ADDR': '10.10.10.10', + 'HTTP_HOST': 'localhost', + #'HTTP_COOKIE': '', + #'HTTP_ACCEPT_LANGUAGE': '', + } + env = {} + env.update(default_environ) + env.update(kw) + if 'wsgi.input' not in env: + env['wsgi.input'] = StringIO.StringIO() + return env + + def process_request(self, environ): + request = request_wsgi.Request(environ) + request.run() + return request # request.status, request.headers, request.output() + + def testNoAuth(self): + """ run a simple request, no auth, just check if it succeeds """ + environ = self.setup_env() + request = self.process_request(environ) + # check if the request resulted in normal status, result headers and content + assert request.status == '200 OK' + has_ct = has_v = has_cc = False + for k, v in request.headers: + if k == 'Content-Type': + assert v.startswith('text/html') + has_ct = True + elif k == 'Vary': + assert 'Cookie' in v + assert 'Accept-Language' in v + has_v = True + elif k == 'Cache-Control': + assert 'public' in v + has_cc = True + elif k == 'Set-Cookie': + cookie = v + assert has_ct + assert has_v + # XXX BROKEN?: + #assert has_cc # cache anon user's content + output = request.output() + assert '</html>' in output + + def testAnonSession(self): + """ run some requests, no auth, check if anon sessions work """ + from MoinMoin.auth import moin_session, moin_anon_session + self.config = self.TestConfig(auth=[moin_session, moin_anon_session], + anonymous_cookie_lifetime=1) + cookie = '' + trail_expected = [] + for pagename in self.PAGES: + trail_expected.append(unicode(pagename)) + environ = self.setup_env(PATH_INFO='/%s' % pagename, + HTTP_COOKIE=cookie) + request = self.process_request(environ) + + # anon user? + assert not request.user.valid + + # Do we have a session? + assert request.session + + # Requested pagenames get into trail? + assert 'trail' in request.session + trail = request.session['trail'] + assert trail == trail_expected + + # check if the request resulted in normal status, result headers and content + assert request.status == '200 OK' + has_ct = has_v = has_cc = False + for k, v in request.headers: + if k == 'Content-Type': + assert v.startswith('text/html') + has_ct = True + elif k == 'Vary': + assert 'Cookie' in v + assert 'Accept-Language' in v + has_v = True + elif k == 'Cache-Control': + assert 'private' in v + assert 'must-revalidate' in v + has_cc = True + elif k == 'Set-Cookie': + cookie = v + assert has_ct + assert has_v + assert has_cc # do not cache anon user's (with session!) content + output = request.output() + assert '</html>' in output + + def testHttpAuthSession(self): + """ run some requests with http auth, check whether session works """ + from MoinMoin.auth import moin_session, moin_anon_session + from MoinMoin.auth.http import http + username = u'HttpAuthTestUser' + # XXX BROKEN: should work without moin_anon_session, without anonymous_cookie_lifetime: + self.config = self.TestConfig(auth=[http, moin_session, moin_anon_session], + user_autocreate=True, + anonymous_cookie_lifetime=1) + cookie = '' + trail_expected = [] + for pagename in self.PAGES: + trail_expected.append(unicode(pagename)) + environ = self.setup_env(AUTH_TYPE='Basic', REMOTE_USER=str(username), + PATH_INFO='/%s' % pagename, + HTTP_COOKIE=cookie) + request = self.process_request(environ) + + # Login worked? + assert request.user.valid + assert request.user.name == username + + # Do we have a session? + assert request.session + + # Requested pagenames get into trail? + assert 'trail' in request.session + trail = request.session['trail'] + assert trail == trail_expected + + # check if the request resulted in normal status, result headers and content + assert request.status == '200 OK' + has_ct = has_v = has_cc = False + for k, v in request.headers: + if k == 'Content-Type': + assert v.startswith('text/html') + has_ct = True + elif k == 'Vary': + assert 'Cookie' in v + assert 'Accept-Language' in v + has_v = True + elif k == 'Cache-Control': + assert 'private' in v + assert 'must-revalidate' in v + has_cc = True + elif k == 'Set-Cookie': + cookie = v + assert has_ct + assert has_v + assert has_cc # do not cache logged-in user's content + output = request.output() + assert '</html>' in output + + def testMoinLoginAuthSession(self): + """ run some requests with moin_login auth, check whether session works """ + from MoinMoin.auth import moin_login, moin_session + from MoinMoin.user import User + self.config = self.TestConfig(auth=[moin_login, moin_session]) + username = u'MoinLoginAuthTestUser' + password = u'secret' + User(self.request, name=username, password=password).save() # create user + trail_expected = [] + for pagename in self.PAGES: + if not trail_expected: # first page, do login + formdata = urllib.urlencode({ + 'name': username.encode('utf-8'), + 'password': password.encode('utf-8'), + 'login': 'login', + }) + environ = self.setup_env(PATH_INFO='/%s' % pagename, + HTTP_CONTENT_TYPE='application/x-www-form-urlencoded', + HTTP_CONTENT_LENGTH='%d' % len(formdata), + QUERY_STRING='action=login', REQUEST_METHOD='POST', + **{'wsgi.input': StringIO.StringIO(formdata)}) + else: # not first page, use session cookie + environ = self.setup_env(PATH_INFO='/%s' % pagename, + HTTP_COOKIE=cookie) + trail_expected.append(unicode(pagename)) + request = self.process_request(environ) + + # Login worked? + assert request.user.valid + assert request.user.name == username + + # Do we have a session? + assert request.session + + # Requested pagenames get into trail? + assert 'trail' in request.session + trail = request.session['trail'] + assert trail == trail_expected + + # check if the request resulted in normal status, result headers and content + assert request.status == '200 OK' + has_ct = has_v = has_cc = False + for k, v in request.headers: + if k == 'Content-Type': + assert v.startswith('text/html') + has_ct = True + elif k == 'Vary': + assert 'Cookie' in v + assert 'Accept-Language' in v + has_v = True + elif k == 'Cache-Control': + assert 'private' in v + assert 'must-revalidate' in v + has_cc = True + elif k == 'Set-Cookie': + cookie = v + assert has_ct + assert has_v + assert has_cc # do not cache logged-in user's content + output = request.output() + assert '</html>' in output +