2020-05-11 10:39:58 +01:00
|
|
|
"""flow planner tests"""
|
2020-08-20 19:39:21 +01:00
|
|
|
from unittest.mock import MagicMock, Mock, PropertyMock, patch
|
2020-05-11 10:39:58 +01:00
|
|
|
|
2020-06-18 21:43:51 +01:00
|
|
|
from django.contrib.sessions.middleware import SessionMiddleware
|
2020-05-31 22:01:08 +01:00
|
|
|
from django.core.cache import cache
|
2020-09-28 10:47:50 +01:00
|
|
|
from django.http import HttpRequest
|
2020-05-11 10:39:58 +01:00
|
|
|
from django.shortcuts import reverse
|
|
|
|
from django.test import RequestFactory, TestCase
|
|
|
|
from guardian.shortcuts import get_anonymous_user
|
|
|
|
|
2020-05-31 22:01:08 +01:00
|
|
|
from passbook.core.models import User
|
2020-05-11 10:39:58 +01:00
|
|
|
from passbook.flows.exceptions import EmptyFlowException, FlowNonApplicableException
|
2020-06-18 21:43:51 +01:00
|
|
|
from passbook.flows.markers import ReevaluateMarker, StageMarker
|
2020-05-11 10:39:58 +01:00
|
|
|
from passbook.flows.models import Flow, FlowDesignation, FlowStageBinding
|
2020-05-31 22:01:08 +01:00
|
|
|
from passbook.flows.planner import PLAN_CONTEXT_PENDING_USER, FlowPlanner, cache_key
|
2020-06-18 21:43:51 +01:00
|
|
|
from passbook.policies.dummy.models import DummyPolicy
|
|
|
|
from passbook.policies.models import PolicyBinding
|
2020-05-28 20:45:54 +01:00
|
|
|
from passbook.policies.types import PolicyResult
|
2020-05-11 10:39:58 +01:00
|
|
|
from passbook.stages.dummy.models import DummyStage
|
|
|
|
|
2020-06-18 21:43:51 +01:00
|
|
|
POLICY_RETURN_FALSE = PropertyMock(return_value=PolicyResult(False))
|
2020-08-20 19:39:21 +01:00
|
|
|
CACHE_MOCK = Mock(wraps=cache)
|
2020-05-11 10:39:58 +01:00
|
|
|
|
2020-06-18 21:43:51 +01:00
|
|
|
POLICY_RETURN_TRUE = MagicMock(return_value=PolicyResult(True))
|
|
|
|
|
2020-05-11 10:39:58 +01:00
|
|
|
|
2020-09-28 10:47:50 +01:00
|
|
|
def dummy_get_response(request: HttpRequest): # pragma: no cover
|
|
|
|
"""Dummy get_response for SessionMiddleware"""
|
|
|
|
return None
|
|
|
|
|
|
|
|
|
2020-05-11 10:39:58 +01:00
|
|
|
class TestFlowPlanner(TestCase):
|
|
|
|
"""Test planner logic"""
|
|
|
|
|
|
|
|
def setUp(self):
|
|
|
|
self.request_factory = RequestFactory()
|
|
|
|
|
|
|
|
def test_empty_plan(self):
|
|
|
|
"""Test that empty plan raises exception"""
|
|
|
|
flow = Flow.objects.create(
|
|
|
|
name="test-empty",
|
|
|
|
slug="test-empty",
|
|
|
|
designation=FlowDesignation.AUTHENTICATION,
|
|
|
|
)
|
|
|
|
request = self.request_factory.get(
|
|
|
|
reverse("passbook_flows:flow-executor", kwargs={"flow_slug": flow.slug}),
|
|
|
|
)
|
|
|
|
request.user = get_anonymous_user()
|
|
|
|
|
|
|
|
with self.assertRaises(EmptyFlowException):
|
|
|
|
planner = FlowPlanner(flow)
|
|
|
|
planner.plan(request)
|
|
|
|
|
|
|
|
@patch(
|
2020-09-30 18:34:22 +01:00
|
|
|
"passbook.policies.engine.PolicyEngine.result",
|
|
|
|
POLICY_RETURN_FALSE,
|
2020-05-11 10:39:58 +01:00
|
|
|
)
|
|
|
|
def test_non_applicable_plan(self):
|
|
|
|
"""Test that empty plan raises exception"""
|
|
|
|
flow = Flow.objects.create(
|
|
|
|
name="test-empty",
|
|
|
|
slug="test-empty",
|
|
|
|
designation=FlowDesignation.AUTHENTICATION,
|
|
|
|
)
|
|
|
|
request = self.request_factory.get(
|
|
|
|
reverse("passbook_flows:flow-executor", kwargs={"flow_slug": flow.slug}),
|
|
|
|
)
|
|
|
|
request.user = get_anonymous_user()
|
|
|
|
|
|
|
|
with self.assertRaises(FlowNonApplicableException):
|
|
|
|
planner = FlowPlanner(flow)
|
|
|
|
planner.plan(request)
|
|
|
|
|
2020-08-20 19:39:21 +01:00
|
|
|
@patch("passbook.flows.planner.cache", CACHE_MOCK)
|
2020-05-11 10:39:58 +01:00
|
|
|
def test_planner_cache(self):
|
|
|
|
"""Test planner cache"""
|
|
|
|
flow = Flow.objects.create(
|
|
|
|
name="test-cache",
|
|
|
|
slug="test-cache",
|
|
|
|
designation=FlowDesignation.AUTHENTICATION,
|
|
|
|
)
|
|
|
|
FlowStageBinding.objects.create(
|
2020-07-03 22:34:44 +01:00
|
|
|
target=flow, stage=DummyStage.objects.create(name="dummy"), order=0
|
2020-05-11 10:39:58 +01:00
|
|
|
)
|
|
|
|
request = self.request_factory.get(
|
|
|
|
reverse("passbook_flows:flow-executor", kwargs={"flow_slug": flow.slug}),
|
|
|
|
)
|
|
|
|
request.user = get_anonymous_user()
|
|
|
|
|
|
|
|
planner = FlowPlanner(flow)
|
|
|
|
planner.plan(request)
|
2020-08-20 19:39:21 +01:00
|
|
|
self.assertEqual(
|
|
|
|
CACHE_MOCK.set.call_count, 1
|
|
|
|
) # Ensure plan is written to cache
|
2020-05-11 10:39:58 +01:00
|
|
|
planner = FlowPlanner(flow)
|
|
|
|
planner.plan(request)
|
|
|
|
self.assertEqual(
|
2020-08-20 19:39:21 +01:00
|
|
|
CACHE_MOCK.set.call_count, 1
|
|
|
|
) # Ensure nothing is written to cache
|
|
|
|
self.assertEqual(CACHE_MOCK.get.call_count, 2) # Get is called twice
|
2020-05-31 22:01:08 +01:00
|
|
|
|
|
|
|
def test_planner_default_context(self):
|
|
|
|
"""Test planner with default_context"""
|
|
|
|
flow = Flow.objects.create(
|
|
|
|
name="test-default-context",
|
|
|
|
slug="test-default-context",
|
|
|
|
designation=FlowDesignation.AUTHENTICATION,
|
|
|
|
)
|
|
|
|
FlowStageBinding.objects.create(
|
2020-07-03 22:34:44 +01:00
|
|
|
target=flow, stage=DummyStage.objects.create(name="dummy"), order=0
|
2020-05-31 22:01:08 +01:00
|
|
|
)
|
|
|
|
|
|
|
|
user = User.objects.create(username="test-user")
|
|
|
|
request = self.request_factory.get(
|
|
|
|
reverse("passbook_flows:flow-executor", kwargs={"flow_slug": flow.slug}),
|
|
|
|
)
|
|
|
|
request.user = user
|
|
|
|
planner = FlowPlanner(flow)
|
|
|
|
planner.plan(request, default_context={PLAN_CONTEXT_PENDING_USER: user})
|
|
|
|
key = cache_key(flow, user)
|
|
|
|
self.assertTrue(cache.get(key) is not None)
|
2020-06-18 21:43:51 +01:00
|
|
|
|
|
|
|
def test_planner_marker_reevaluate(self):
|
|
|
|
"""Test that the planner creates the proper marker"""
|
|
|
|
flow = Flow.objects.create(
|
|
|
|
name="test-default-context",
|
|
|
|
slug="test-default-context",
|
|
|
|
designation=FlowDesignation.AUTHENTICATION,
|
|
|
|
)
|
|
|
|
|
|
|
|
FlowStageBinding.objects.create(
|
2020-07-03 22:34:44 +01:00
|
|
|
target=flow,
|
2020-06-18 21:43:51 +01:00
|
|
|
stage=DummyStage.objects.create(name="dummy1"),
|
|
|
|
order=0,
|
|
|
|
re_evaluate_policies=True,
|
|
|
|
)
|
|
|
|
|
|
|
|
request = self.request_factory.get(
|
|
|
|
reverse("passbook_flows:flow-executor", kwargs={"flow_slug": flow.slug}),
|
|
|
|
)
|
|
|
|
request.user = get_anonymous_user()
|
|
|
|
|
|
|
|
planner = FlowPlanner(flow)
|
|
|
|
plan = planner.plan(request)
|
|
|
|
|
|
|
|
self.assertIsInstance(plan.markers[0], ReevaluateMarker)
|
|
|
|
|
|
|
|
def test_planner_reevaluate_actual(self):
|
|
|
|
"""Test planner with re-evaluate"""
|
|
|
|
flow = Flow.objects.create(
|
|
|
|
name="test-default-context",
|
|
|
|
slug="test-default-context",
|
|
|
|
designation=FlowDesignation.AUTHENTICATION,
|
|
|
|
)
|
|
|
|
false_policy = DummyPolicy.objects.create(result=False, wait_min=1, wait_max=2)
|
|
|
|
|
|
|
|
binding = FlowStageBinding.objects.create(
|
2020-07-03 22:34:44 +01:00
|
|
|
target=flow, stage=DummyStage.objects.create(name="dummy1"), order=0
|
2020-06-18 21:43:51 +01:00
|
|
|
)
|
|
|
|
binding2 = FlowStageBinding.objects.create(
|
2020-07-03 22:34:44 +01:00
|
|
|
target=flow,
|
2020-06-18 21:43:51 +01:00
|
|
|
stage=DummyStage.objects.create(name="dummy2"),
|
|
|
|
order=1,
|
|
|
|
re_evaluate_policies=True,
|
|
|
|
)
|
|
|
|
|
|
|
|
PolicyBinding.objects.create(policy=false_policy, target=binding2, order=0)
|
|
|
|
|
|
|
|
request = self.request_factory.get(
|
|
|
|
reverse("passbook_flows:flow-executor", kwargs={"flow_slug": flow.slug}),
|
|
|
|
)
|
|
|
|
request.user = get_anonymous_user()
|
|
|
|
|
2020-09-28 10:47:50 +01:00
|
|
|
middleware = SessionMiddleware(dummy_get_response)
|
2020-06-18 21:43:51 +01:00
|
|
|
middleware.process_request(request)
|
|
|
|
request.session.save()
|
|
|
|
|
|
|
|
# Here we patch the dummy policy to evaluate to true so the stage is included
|
|
|
|
with patch(
|
|
|
|
"passbook.policies.dummy.models.DummyPolicy.passes", POLICY_RETURN_TRUE
|
|
|
|
):
|
|
|
|
planner = FlowPlanner(flow)
|
|
|
|
plan = planner.plan(request)
|
|
|
|
|
|
|
|
self.assertEqual(plan.stages[0], binding.stage)
|
|
|
|
self.assertEqual(plan.stages[1], binding2.stage)
|
|
|
|
|
|
|
|
self.assertIsInstance(plan.markers[0], StageMarker)
|
|
|
|
self.assertIsInstance(plan.markers[1], ReevaluateMarker)
|