Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add authentication unit tests #14

Merged
merged 4 commits into from
Apr 4, 2020
Merged

Add authentication unit tests #14

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
98e13cd
Add authentication unit tests
igarcezlybe Apr 4, 2020
cb18262
Adjust the commented exception test
igarcezlybe Apr 4, 2020
22421b4
Update the README.md file with test information
Apr 4, 2020
c0f8cac
clean up PEP8 warnings and remove badly implemented test
Apr 4, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 5 additions & 0 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -148,6 +148,11 @@ your machine, or use `pyenv` as described later in this documentation.
(env-3.7.5) quarantined_backend/$ python manage.py runserver
```
or even better, run it from pyCharm using your debugger

## Automated tests

You can run the test suite by executing `(env-3.7.5) quarantined_backend/$ python manage.py test` or setting up the
django test configuration to PyCharm.

## FAQ

Expand Down
150 changes: 149 additions & 1 deletion authentication/tests.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,151 @@
from unittest.mock import patch, MagicMock, Mock

from django.test import TestCase
from django.views import View
from rest_framework import serializers

from authentication.permissions import IsAffectedUser, IsHelperUser, IsOwnerOfRequest
from authentication.serializer import EmailAuthTokenSerializer
from crisis.models import Request


class MockUser:
def __init__(
self,
is_authenticated: bool = False,
):
self.is_authenticated = is_authenticated


class MockRequest:
pass


class MockRelatedParticipant:
def __init__(self, type: str = ""):
self.type = type


failure_authenticate_mock = MagicMock(return_value=None)
success_authenticate_mock = MagicMock(return_value=MockUser())


class EmailAuthTokenSerializerTest(TestCase):
def setUp(self) -> None:
self.model = EmailAuthTokenSerializer()

@patch("authentication.serializer.authenticate", failure_authenticate_mock)
def test_failed_authentication_should_raise_validation_error(self):
with self.assertRaisesMessage(serializers.ValidationError, 'Unable to log in with provided credentials.'):
self.model.validate(attrs=dict(email="[email protected]", password="abc123"))

def test_missing_credentials_should_throw_exception(self):
with self.assertRaisesMessage(serializers.ValidationError, 'Must include "email" and "password".'):
self.model.validate(attrs=dict())

@patch("authentication.serializer.authenticate", success_authenticate_mock)
def test_success_authentication_should_return_authenticate_result(self):
result = self.model.validate(attrs=dict(email="[email protected]", password="abc123"))
self.assertEquals(type(result['user']), type(MockUser()))


class IsAffectedUserTest(TestCase):
def setUp(self) -> None:
self.model = IsAffectedUser()

def test_request_user_must_be_authenticated_and_affected(self):
mock_request = MockRequest()
mock_user = MockUser(is_authenticated=False)
mock_user.related_participant = MockRelatedParticipant(type="AF")
mock_request.user = mock_user
self.assertFalse(self.model.has_permission(mock_request, None))

mock_request = MockRequest()
mock_user = MockUser(is_authenticated=True)
mock_user.related_participant = MockRelatedParticipant(type="SomethingElse")
mock_request.user = mock_user
self.assertFalse(self.model.has_permission(mock_request, None))

mock_request = MockRequest()
mock_user = MockUser(is_authenticated=False)
mock_user.related_participant = MockRelatedParticipant(type="SomethingElse")
mock_request.user = mock_user
self.assertFalse(self.model.has_permission(mock_request, None))

mock_request = MockRequest()
mock_user = MockUser(is_authenticated=True)
mock_user.related_participant = MockRelatedParticipant(type="AF")
mock_request.user = mock_user
self.assertTrue(self.model.has_permission(mock_request, None))


class IsHelperUserTest(TestCase):
def setUp(self) -> None:
self.model = IsHelperUser()

def test_only_helper_can_assign_a_request(self):
# test that all allowed types have permission as long as authenticated
allowed_types = ["HL", "AU", "TP"]
for allowed_type in allowed_types:
mock_request = MockRequest()
mock_user = MockUser(is_authenticated=True)
mock_user.related_participant = MockRelatedParticipant(type=allowed_type)
mock_request.user = mock_user
self.assertTrue(self.model.has_permission(mock_request, None))

mock_request = MockRequest()
mock_user = MockUser(is_authenticated=False)
mock_user.related_participant = MockRelatedParticipant(type=allowed_type)
mock_request.user = mock_user
self.assertFalse(self.model.has_permission(mock_request, None))

# test that an authenticated user with an disallowed type does not have permission
mock_request = MockRequest()
mock_user = MockUser(is_authenticated=True)
mock_user.related_participant = MockRelatedParticipant(type="AF")
mock_request.user = mock_user
self.assertFalse(self.model.has_permission(mock_request, None))


currentUser = MockUser()

participant_request_mock = Mock()
participant_request_mock.owner = Mock()
participant_request_mock.owner.user = currentUser

objects_mock = Mock()
objects_mock.get.return_value = participant_request_mock

success_request_mock = Mock(spec=Request)
success_request_mock.objects = objects_mock

found_but_wrong_participant_request_mock = Mock()
found_but_wrong_participant_request_mock.owner = Mock()
# here we return another mock user different from 'owner'
found_but_wrong_participant_request_mock.user = MockUser()

found_but_wrong_objects_mock = Mock()
found_but_wrong_objects_mock.get.return_value = found_but_wrong_participant_request_mock

found_but_wrong_request = Mock(spec=Request)
found_but_wrong_request.objects = found_but_wrong_objects_mock


class IsOwnerOfRequestTest(TestCase):
def setUp(self) -> None:
self.model = IsOwnerOfRequest()
self.viewMock = Mock(spec=View)
self.viewMock.kwargs = Mock()
self.viewMock.kwargs.get.return_value = None

@patch("authentication.permissions.Request", success_request_mock)
def test_owners_should_have_permission(self):
request = MockRequest()
request.user = currentUser
self.assertTrue(self.model.has_permission(request, self.viewMock))

# Create your tests here.
@patch("authentication.permissions.Request", found_but_wrong_request)
def test_non_owners_should_not_have_permission(self):
request = MockRequest()
request.user = currentUser
self.assertFalse(self.model.has_permission(request, self.viewMock))