flask server

Gergely Hegedus 2023-02-01 23:15:18 +02:00
parent 5acb2992ce
commit 0a71a6c840
54 changed files with 5876 additions and 0 deletions


@ -0,0 +1,5 @@
import os, sys
currentDir = os.path.dirname(__file__)
parentDir = os.path.join(currentDir, '..')
sys.path.append(os.path.abspath(parentDir))


@ -0,0 +1,75 @@
import os,sys
sys.path.append('../')
import context
import unittest
import unittest.mock
import time
from flask import current_app
import backend.data.db as db
from backend.data.data_models import DataError
import backend.data.dao_registration_tokens as sut
class RegistrationTokenDAOTest(unittest.TestCase):
app = context.create_app(context.default_test_config)
def setUp(self):
with self.app.app_context():
db.init_db()
def tearDown(self):
with self.app.app_context():
db.close_db()
os.remove("testdb")
def test_empty_db_contains_no_token(self):
token = "token"
with self.app.app_context():
actual = sut.is_valid_token(token)
self.assertEqual(False, actual)
def test_inserted_token_is_found(self):
token = "token"
with self.app.app_context():
sut.insert_token(token)
actual = sut.is_valid_token(token)
self.assertEqual(True, actual)
def test_same_token_cannot_be_inserted_twice(self):
token = "token"
with self.app.app_context():
sut.insert_token(token)
result = sut.insert_token(token)
self.assertEqual(DataError.REGISTRATION_CODE_ALREADY_EXISTS, result)
def test_token_deleted_is_not_found(self):
token = "token"
with self.app.app_context():
sut.insert_token(token)
sut.delete_token(token)
actual = sut.is_valid_token(token)
self.assertEqual(False, actual)
def test_tokens_can_be_requested(self):
expected = ['token-1', 'token-3']
with self.app.app_context():
sut.insert_token('token-1')
sut.insert_token('token-2')
sut.insert_token('token-3')
sut.delete_token('token-2')
actual = sut.get_tokens()
self.assertEqual(expected, actual)
if __name__ == '__main__':
unittest.main(verbosity=2)
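Review bot: `sys.path.append('../')` at the top of this file and `os.remove("testdb")` in `tearDown` both resolve against the current working directory, so the suite only behaves as intended when launched from the test directory; run from elsewhere, the path entry points at the wrong place and `tearDown` targets whatever `testdb` sits in that directory. The first file in this commit already anchors on `os.path.dirname(__file__)`, and the same approach would work here. The database path would be better taken from the test config than repeated as a literal, though the config is not visible on this page. The same two lines recur in the reset-password, session and user DAO test files below.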


@ -0,0 +1,83 @@
import os,sys
sys.path.append('../')
import context
import unittest
import unittest.mock
import time
from flask import current_app
import backend.data.db as db
import backend.data.dao_reset_password_tokens as sut
class ResetPasswordTokenDAOTest(unittest.TestCase):
app = context.create_app(context.default_test_config)
def setUp(self):
with self.app.app_context():
db.init_db()
def tearDown(self):
with self.app.app_context():
db.close_db()
os.remove("testdb")
@unittest.mock.patch('time.time', return_value=1000)
def test_empty_db_contains_no_token(self, mock_time):
token = "token"
with self.app.app_context():
actual = sut.is_valid_token(token = token, username = "")
self.assertEqual(False, actual)
@unittest.mock.patch('time.time', return_value=1000)
def test_inserted_token_is_found(self, mock_time):
token = "token"
username = "usr"
with self.app.app_context():
sut.insert_token(token = token, username = username, expires_at = 2000)
actual = sut.is_valid_token(token = token, username = username)
self.assertEqual(True, actual)
@unittest.mock.patch('time.time', return_value=1000)
def test_inserted_expired_token_is_not_found(self, mock_time):
token = "token"
username = "usr"
with self.app.app_context():
sut.insert_token(token = token, username = username, expires_at = 1000)
actual = sut.is_valid_token(token = token, username = username)
self.assertEqual(False, actual)
@unittest.mock.patch('time.time', return_value=1000)
def test_token_deleted_is_not_found(self, mock_time):
token = "token"
username = "usr"
with self.app.app_context():
sut.insert_token(token = token, username = username, expires_at = 2000)
sut.delete_tokens(username = username)
actual = sut.is_valid_token(token = token, username = username)
self.assertEqual(False, actual)
@unittest.mock.patch('time.time', return_value=1000)
def test_only_given_user_tokens_are_deleted(self, mock_time):
token = "token"
username_given = "usr_given"
username = "usr_other"
with self.app.app_context():
sut.insert_token(token = token, username = username_given, expires_at = 2000)
sut.insert_token(token = token, username = username, expires_at = 2000)
sut.delete_tokens(username = username_given)
actual = sut.is_valid_token(token = token, username = username)
self.assertEqual(True, actual)
if __name__ == '__main__':
unittest.main(verbosity=2)
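Review bot: No test in this file presents a valid token together with the wrong username, which is the case that shows a reset token is bound to the account it was issued for. `test_only_given_user_tokens_are_deleted` inserts the same token string for two users and expects the second to stay valid, so if it passes, tokens are not unique across users and the username check is the only thing separating accounts. After the insert in `test_inserted_token_is_found`, a sibling test asserting `self.assertEqual(False, sut.is_valid_token(token = token, username = "other"))` would pin that. The `time.time` patch only takes effect if the DAO calls `time.time()` through the module, which is not visible in this section.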


@ -0,0 +1,247 @@
import os,sys
sys.path.append('../')
import context
import unittest
import unittest.mock
import time
from flask import current_app
from backend.data import db
from backend.data.data_models import Session
import backend.data.dao_session as sut
# Notes to myself:
# test nees tu start with test
# sys.path.append('../') appends the path so context can be imported
# with self.app.app_context(): is required to have current_app, if no request is running
class SessionDAOTest(unittest.TestCase):
app = context.create_app(context.default_test_config)
def setUp(self):
with self.app.app_context():
db.init_db()
def tearDown(self):
with self.app.app_context():
db.close_db()
os.remove("testdb")
def test_empty_db_contains_no_token(self):
expected = None
token = "token"
with self.app.app_context():
actual = sut.get_user_for_token(token)
self.assertEqual(expected, actual)
@unittest.mock.patch('time.time', return_value=1000)
def test_inserted_token_is_found(self, mock_time):
assert time.time() == 1000
expected = 13
token = "token"
session = Session(
user_id = 13,
access_token = token,
refresh_token = "refresh_token",
access_expires_at = 2000,
refresh_expires_at = 4000
)
with self.app.app_context():
sut.insert_user_session(session)
actual = sut.get_user_for_token(token)
self.assertEqual(expected, actual)
@unittest.mock.patch('time.time', return_value=1000)
def test_same_token_results_in_not_found(self, mock_time):
assert time.time() == 1000
expected = None
token = "token"
session1 = Session(
user_id = 13,
access_token = token,
refresh_token = "refresh_token",
access_expires_at = 2000,
refresh_expires_at = 4000
)
session2 = Session(
user_id = 14,
access_token = token,
refresh_token = "refresh_token",
access_expires_at = 2000,
refresh_expires_at = 4000
)
with self.app.app_context():
sut.insert_user_session(session1)
sut.insert_user_session(session2)
actual = sut.get_user_for_token(token)
self.assertEqual(expected, actual)
@unittest.mock.patch('time.time', return_value=1000)
def test_expired_access_token_isnt_returned(self, mock_time):
assert time.time() == 1000
expected = None
token = "token"
session = Session(
user_id = 13,
access_token = token,
refresh_token = "refresh_token",
access_expires_at = 500,
refresh_expires_at = 2000
)
with self.app.app_context():
sut.insert_user_session(session)
actual = sut.get_user_for_token(token)
self.assertEqual(expected, actual)
@unittest.mock.patch('time.time', return_value=1000)
def test_expired_refresh_token_isnt_returned(self, mock_time):
assert time.time() == 1000
expected = None
token = "token"
session = Session(
user_id = 13,
access_token = token,
refresh_token = "refresh_token",
access_expires_at = 2500,
refresh_expires_at = 500
)
with self.app.app_context():
sut.insert_user_session(session)
actual = sut.get_user_for_token(token)
self.assertEqual(expected, actual)
@unittest.mock.patch('time.time', return_value=1000)
def test_deleted_session_isnt_returned(self, mock_time):
assert time.time() == 1000
expected = None
token = "token"
session = Session(
user_id = 13,
access_token = token,
refresh_token = "refresh_token",
access_expires_at = 1500,
refresh_expires_at = 5000
)
with self.app.app_context():
sut.insert_user_session(session = session)
sut.delete_user_session(access_token = token)
actual = sut.get_user_for_token(access_token = token)
self.assertEqual(expected, actual)
@unittest.mock.patch('time.time', return_value=1000)
def test_deleted_all_user_session_isnt_returned(self, mock_time):
assert time.time() == 1000
expected = None
session1 = Session(
user_id = 13,
access_token = "token1",
refresh_token = "refresh_token1",
access_expires_at = 1500,
refresh_expires_at = 5000
)
session2 = Session(
user_id = 13,
access_token = "token2",
refresh_token = "refresh_token2",
access_expires_at = 1500,
refresh_expires_at = 5000
)
session_of_different_user = Session(
user_id = 14,
access_token = "token3",
refresh_token = "refresh_token3",
access_expires_at = 1500,
refresh_expires_at = 5000
)
with self.app.app_context():
sut.insert_user_session(session = session1)
sut.insert_user_session(session = session2)
sut.insert_user_session(session = session_of_different_user)
sut.delete_all_user_session_by_user_id(user_id=13)
actual1 = sut.get_user_for_token(access_token = session1.access_token)
actual2 = sut.get_user_for_token(access_token = session2.access_token)
actual_of_different_user = sut.get_user_for_token(access_token = session_of_different_user.access_token)
self.assertEqual(expected, actual1)
self.assertEqual(expected, actual2)
self.assertEqual(session_of_different_user.user_id, actual_of_different_user)
@unittest.mock.patch('time.time', return_value=1000)
def test_after_new_single_session_old_session_is_not_returned(self, mock_time):
assert time.time() == 1000
token = "token"
new_token = "new_token"
session = Session(
user_id = 13,
access_token = token,
refresh_token = "refresh_token",
access_expires_at = 1500,
refresh_expires_at = 5000
)
new_session = session = Session(
user_id = 13,
access_token = new_token,
refresh_token = "refresh_token",
access_expires_at = 1500,
refresh_expires_at = 5000
)
expected_old = None
expected_new = 13
with self.app.app_context():
sut.insert_user_session(session = session)
sut.create_new_single_session(session = new_session)
actual_old = sut.get_user_for_token(access_token = token)
actual_new = sut.get_user_for_token(access_token = new_token)
self.assertEqual(expected_old, actual_old)
self.assertEqual(expected_new, actual_new)
@unittest.mock.patch('time.time', return_value=1000)
def test_after_swap_refresh_session_old_session_is_not_returned(self, mock_time):
assert time.time() == 1000
token = "token"
new_token = "new_token"
session = Session(
user_id = 13,
access_token = token,
refresh_token = "refresh_token",
access_expires_at = 1500,
refresh_expires_at = 5000
)
new_session = session = Session(
user_id = 13,
access_token = new_token,
refresh_token = "refresh_token2",
access_expires_at = 1500,
refresh_expires_at = 5000
)
expected_old = None
expected_new = 13
with self.app.app_context():
sut.insert_user_session(session = session)
sut.swap_refresh_session(refresh_token = session.refresh_token, session = new_session)
actual_old = sut.get_user_for_token(access_token = token)
actual_new = sut.get_user_for_token(access_token = new_token)
self.assertEqual(expected_old, actual_old)
self.assertEqual(expected_new, actual_new)
if __name__ == '__main__':
unittest.main(verbosity=2)
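Review bot: In `test_after_new_single_session_old_session_is_not_returned` and `test_after_swap_refresh_session_old_session_is_not_returned` the line `new_session = session = Session(` rebinds `session` to the new object, so the old session carrying `access_token = token` is never inserted and `actual_old` is `None` whatever the DAO does. Both tests therefore pass without showing that the previous access token stops working after a single-session login or a refresh-token swap. Changing the line to `new_session = Session(` in both places restores the intended setup. In the swap test `session.refresh_token` then refers to the old `"refresh_token"`, which is what the `swap_refresh_session` call appears to expect.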


@ -0,0 +1,301 @@
import os,sys
sys.path.append('../')
import context
import unittest
import unittest.mock
import time
from flask import current_app
from backend.data import db
from backend.data.data_models import RegisteringUser
from backend.data.data_models import User
from backend.data.data_models import DataError
import backend.data.dao_users as sut
class RegistrationTokenDAOTest(unittest.TestCase):
app = context.create_app(context.default_test_config)
def setUp(self):
with self.app.app_context():
db.init_db()
def tearDown(self):
with self.app.app_context():
db.close_db()
os.remove("testdb")
def test_empty_db_contains_no_user(self):
user_id = 1
with self.app.app_context():
actual = sut.get_user_by_id(user_id)
self.assertEqual(None, actual)
def test_user_inserted_can_be_found_by_id(self):
inserted = RegisteringUser(
name = "admin",
password = "admin",
otp_secret = "secret",
privileged = True,
was_otp_verified = True
)
expected = User(
id = 1,
name = "admin",
otp_secret = "secret",
privileged = True,
was_otp_verified = True
)
with self.app.app_context():
user_id = sut.insert_user(inserted)
actual = sut.get_user_by_id(user_id)
self.assertEqual(expected.id, user_id)
self.assertEqual(expected, actual)
def test_deleted_user_cannot_be_found(self):
inserted = RegisteringUser(
name = "admin",
password = "admin",
otp_secret = "secret",
privileged = True,
was_otp_verified = True
)
expected = None
with self.app.app_context():
user_id = sut.insert_user(inserted)
sut.delete_user_by_id(user_id)
actual = sut.get_user_by_id(user_id)
self.assertEqual(expected, actual)
def test_user_inserted_can_be_found_by_name(self):
inserted = RegisteringUser(
name = "admin",
password = "admin",
otp_secret = "secret",
privileged = True,
was_otp_verified = True
)
expected = User(
id = 1,
name = "admin",
otp_secret = "secret",
privileged = True,
was_otp_verified = True
)
with self.app.app_context():
user_id = sut.insert_user(inserted)
actual = sut.get_user_by_name('admin')
self.assertEqual(expected.id, user_id)
self.assertEqual(expected, actual)
def test_2_user_inserted_can_be_found_by_id(self):
inserted1 = RegisteringUser(
name = "admin",
password = "pass",
otp_secret = "secret",
privileged = True,
was_otp_verified = True
)
expected1 = User(
id = 1,
name = "admin",
otp_secret = "secret",
privileged = True,
was_otp_verified = True
)
inserted2 = RegisteringUser(
name = "admin2",
password = "pass",
otp_secret = "secret",
privileged = False,
)
expected2 = User(
id = 2,
name = "admin2",
otp_secret = "secret",
privileged = False,
was_otp_verified = False
)
with self.app.app_context():
user_id1 = sut.insert_user(inserted1)
actual1 = sut.get_user_by_id(user_id1)
user_id2 = sut.insert_user(inserted2)
actual2 = sut.get_user_by_id(user_id2)
self.assertEqual(expected1.id, user_id1)
self.assertEqual(expected1, actual1)
self.assertEqual(expected2.id, user_id2)
self.assertEqual(expected2, actual2)
def test_2_user_inserted_can_be_get(self):
inserted1 = RegisteringUser(
name = "admin",
password = "pass",
otp_secret = "secret",
privileged = True,
was_otp_verified = True
)
expected1 = User(
id = 1,
name = "admin",
otp_secret = "secret",
privileged = True,
was_otp_verified = True
)
inserted2 = RegisteringUser(
name = "admin2",
password = "pass",
otp_secret = "secret",
privileged = False,
)
expected2 = User(
id = 2,
name = "admin2",
otp_secret = "secret",
privileged = False,
was_otp_verified = False
)
with self.app.app_context():
user_id1 = sut.insert_user(inserted1)
user_id2 = sut.insert_user(inserted2)
actual = sut.get_users()
self.assertEqual([expected1,expected2], list(actual))
def test_user_inserted_can_not_be_found_by_good_name_and_wrong_password(self):
inserted = RegisteringUser(
name = "admin",
password = "pass",
otp_secret = "secret"
)
with self.app.app_context():
sut.insert_user(inserted)
actual = sut.get_user_by_name_and_password('admin', 'pass2')
self.assertEqual(None, actual)
def test_user_inserted_can_not_be_found_by_wrong_name_and_good_password(self):
inserted = RegisteringUser(
name = "admin",
password = "pass",
otp_secret = "secret"
)
with self.app.app_context():
sut.insert_user(inserted)
actual = sut.get_user_by_name_and_password('admin2', 'pass')
self.assertEqual(None, actual)
def test_user_inserted_can_be_found_by_name_and_password(self):
inserted = RegisteringUser(
name = "admin",
password = "pass",
otp_secret = "secret"
)
expected = User(
id = 1,
name = "admin",
otp_secret = "secret",
privileged = False,
was_otp_verified = False
)
with self.app.app_context():
sut.insert_user(inserted)
actual = sut.get_user_by_name_and_password('admin', 'pass')
self.assertEqual(expected, actual)
def test_update_user_privilige(self):
user = RegisteringUser(
name = "admin2",
password = "pass",
otp_secret = "secret"
)
expected = User(
id = 1,
name = "admin2",
otp_secret = "secret",
privileged = True,
was_otp_verified = False
)
with self.app.app_context():
user_id = sut.insert_user(user)
sut.update_user_privilige(user_id, True)
actual = sut.get_user_by_id(user_id)
self.assertEqual(expected, actual)
def test_update_user_otp_verification(self):
user = RegisteringUser(
name = "admin2",
password = "pass",
otp_secret = "secret"
)
expected = User(
id = 1,
name = "admin2",
otp_secret = "secret",
privileged = False,
was_otp_verified = True
)
with self.app.app_context():
user_id = sut.insert_user(user)
sut.update_user_otp_verification(user_id, True)
actual = sut.get_user_by_id(user_id)
self.assertEqual(expected, actual)
def test_insert_user_twice(self):
user = RegisteringUser(
name = "admin2",
password = "pass",
otp_secret = "secret"
)
with self.app.app_context():
sut.insert_user(user)
actual = sut.insert_user(user)
self.assertEqual(DataError.USER_NAME_NOT_VALID, actual)
def test_update_user_password(self):
user = RegisteringUser(
name = "admin2",
password = "pass",
otp_secret = "secret"
)
expected_old = None
expected_new = User(
id = 1,
name = "admin2",
otp_secret = "secret",
privileged = False,
was_otp_verified = False
)
with self.app.app_context():
user_id = sut.insert_user(user)
sut.update_user_password(user_id = user_id, new_password = "alma")
actual_old = sut.get_user_by_name_and_password(user_name = "admin2", password = "pass")
actual_new = sut.get_user_by_name_and_password(user_name = "admin2", password = "alma")
self.assertEqual(expected_old, actual_old)
self.assertEqual(expected_new, actual_new)
if __name__ == '__main__':
unittest.main(verbosity=2)
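Review bot: The test class in this file is still named `RegistrationTokenDAOTest` although it imports `backend.data.dao_users` as `sut`, so its results are reported under the same class name as the registration-token suite; `class UserDAOTest(unittest.TestCase):` would match what it covers. Separately, the password tests only go through `get_user_by_name_and_password` and never look at what `insert_user` or `update_user_password` write to the table. If the DAO is meant to store a hash, an assertion that the stored value differs from `"pass"` would pin that; the DAO itself is outside this section.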