|
8 | 8 |
|
9 | 9 | from murfey.server.api.auth import ( |
10 | 10 | submit_to_auth_endpoint, |
| 11 | + validate_frontend_session_access, |
11 | 12 | validate_token, |
| 13 | + validate_user_instrument_access, |
12 | 14 | ) |
13 | 15 |
|
14 | 16 |
|
@@ -139,8 +141,10 @@ async def test_submit_to_auth_endpoint( |
139 | 141 | @pytest.mark.parametrize( |
140 | 142 | "test_params", |
141 | 143 | ( # Exception raised? | Auth URL | Auth type | Validation outcome | User decoded | User exists |
| 144 | + # These cases will pass |
142 | 145 | (False, "some_url", "cookie", True, True, True), |
143 | 146 | (False, "", "password", True, True, True), |
| 147 | + # These cases will fail |
144 | 148 | # Auth endpoint returns False |
145 | 149 | (True, "some_url", "cookie", False, True, True), |
146 | 150 | # Authenticating with cookie, but no auth URL |
@@ -245,14 +249,125 @@ async def test_validate_instrument_server_session_access(): |
245 | 249 | pass |
246 | 250 |
|
247 | 251 |
|
| 252 | +@pytest.mark.parametrize( |
| 253 | + "test_params", |
| 254 | + ( # Raises exception | Auth URL | Validation outcome |
| 255 | + # These cases will pass |
| 256 | + (False, "some_url", True), |
| 257 | + (False, "", True), |
| 258 | + # These cases will fail |
| 259 | + (True, "some_url", False), |
| 260 | + ), |
| 261 | +) |
248 | 262 | @pytest.mark.asyncio |
249 | | -async def test_validate_frontend_session_access(): |
250 | | - pass |
| 263 | +async def test_validate_frontend_session_access( |
| 264 | + mocker: MockerFixture, |
| 265 | + test_params: tuple[bool, str, bool], |
| 266 | +): |
| 267 | + # Unpack the test parameters |
| 268 | + raises_exception, auth_url, validation_outcome = test_params |
| 269 | + session_id = 1 |
| 270 | + |
| 271 | + # Mock the request and token |
| 272 | + mock_request = MagicMock() |
| 273 | + mock_token = "123456" |
| 274 | + |
| 275 | + # Mock the results of 'get_visit_name' |
| 276 | + visit_name = "test_visit" |
| 277 | + mock_get_visit_name = mocker.patch( |
| 278 | + "murfey.server.api.auth.get_visit_name", return_value=visit_name |
| 279 | + ) |
| 280 | + |
| 281 | + # Patch the auth URL |
| 282 | + mocker.patch("murfey.server.api.auth.auth_url", auth_url) |
| 283 | + |
| 284 | + # Patch the 'submit_to_auth_endpoint' function |
| 285 | + mock_submit = mocker.patch( |
| 286 | + "murfey.server.api.auth.submit_to_auth_endpoint", new_callable=AsyncMock |
| 287 | + ) |
| 288 | + mock_submit.return_value = {"valid": validation_outcome} |
| 289 | + |
| 290 | + # Run the function and check that the results and passed parameters are as expected |
| 291 | + if not raises_exception: |
| 292 | + result = await validate_frontend_session_access( |
| 293 | + session_id=session_id, |
| 294 | + request=mock_request, |
| 295 | + token=mock_token, |
| 296 | + ) |
| 297 | + mock_get_visit_name.assert_called_once_with(session_id) |
| 298 | + if auth_url: |
| 299 | + mock_submit.assert_awaited_once_with( |
| 300 | + f"validate_visit_access/{visit_name}", |
| 301 | + mock_request, |
| 302 | + mock_token, |
| 303 | + ) |
| 304 | + else: |
| 305 | + mock_submit.assert_not_called() |
| 306 | + assert result == session_id |
| 307 | + else: |
| 308 | + with pytest.raises(HTTPException): |
| 309 | + await validate_frontend_session_access( |
| 310 | + session_id=session_id, |
| 311 | + request=mock_request, |
| 312 | + token=mock_token, |
| 313 | + ) |
251 | 314 |
|
252 | 315 |
|
| 316 | +@pytest.mark.parametrize( |
| 317 | + "test_params", |
| 318 | + ( # Raises exception | Auth URL | Validation outcome |
| 319 | + # These cases will pass |
| 320 | + (False, "some_url", True), |
| 321 | + (False, "", True), |
| 322 | + # These cases will fail |
| 323 | + (True, "some_url", False), |
| 324 | + ), |
| 325 | +) |
253 | 326 | @pytest.mark.asyncio |
254 | | -async def test_validate_user_instrument_access(): |
255 | | - pass |
| 327 | +async def test_validate_user_instrument_access( |
| 328 | + mocker: MockerFixture, |
| 329 | + test_params: tuple[bool, str, bool], |
| 330 | +): |
| 331 | + # Unpack the test parameters |
| 332 | + raises_exception, auth_url, validation_outcome = test_params |
| 333 | + instrument_name = "some_instrument" |
| 334 | + |
| 335 | + # Mock the request and token |
| 336 | + mock_request = MagicMock() |
| 337 | + mock_token = "123456" |
| 338 | + |
| 339 | + # Patch the auth URL |
| 340 | + mocker.patch("murfey.server.api.auth.auth_url", auth_url) |
| 341 | + |
| 342 | + # Patch the 'submit_to_auth_endpoint' function |
| 343 | + mock_submit = mocker.patch( |
| 344 | + "murfey.server.api.auth.submit_to_auth_endpoint", new_callable=AsyncMock |
| 345 | + ) |
| 346 | + mock_submit.return_value = {"valid": validation_outcome} |
| 347 | + |
| 348 | + # Run the function and check that the results and passed parameters are as expected |
| 349 | + if not raises_exception: |
| 350 | + result = await validate_user_instrument_access( |
| 351 | + instrument_name=instrument_name, |
| 352 | + request=mock_request, |
| 353 | + token=mock_token, |
| 354 | + ) |
| 355 | + if auth_url: |
| 356 | + mock_submit.assert_awaited_once_with( |
| 357 | + f"validate_instrument_access/{instrument_name}", |
| 358 | + mock_request, |
| 359 | + mock_token, |
| 360 | + ) |
| 361 | + else: |
| 362 | + mock_submit.assert_not_called() |
| 363 | + assert result == instrument_name |
| 364 | + else: |
| 365 | + with pytest.raises(HTTPException): |
| 366 | + await validate_user_instrument_access( |
| 367 | + instrument_name=instrument_name, |
| 368 | + request=mock_request, |
| 369 | + token=mock_token, |
| 370 | + ) |
256 | 371 |
|
257 | 372 |
|
258 | 373 | def test_verify_password(): |
|
0 commit comments