aboutsummaryrefslogtreecommitdiff
path: root/tests/unit/auth/test_credentials.py
blob: c1fc97afa4c92761000eac26fced8ee6269122f4 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
"""Test the credentials checks"""
import sqlite3

import pytest
from contextlib import closing
from yoyo.migrations import MigrationList
from hypothesis import given, settings, strategies, HealthCheck

from tests.unit.auth.conftest import migrations_up_to
from gn3.auth.authentication import credentials_in_database
from gn3.migrations import get_migration, apply_migrations, rollback_migrations

@pytest.fixture
def with_credentials_table(backend, auth_testdb_path):
    migrations_dir = "migrations/auth"
    migration = f"{migrations_dir}/20221103_02_sGrIs-create-user-credentials-table.py"
    migrations = (migrations_up_to(migration, migrations_dir) +
                  MigrationList([get_migration(migration)]))
    apply_migrations(backend, migrations)
    with closing(sqlite3.connect(auth_testdb_path)) as conn:
        yield conn

    rollback_migrations(backend, migrations)

@pytest.fixture
def with_credentials(with_credentials_table):
    with closing(with_credentials_table.cursor()) as cursor:
        cursor.executemany(
            "INSERT INTO users VALUES (:user_id, :email, :name)",
            ({"user_id": "82552014-21ee-4321-b96a-b8788b97b862",
              "email": "first@test.user",
              "name": "First Test User"
              },
             {"user_id": "bdd5cb7a-072d-4c2b-9872-d0cecb718523",
              "email": "second@test.user",
              "name": "Second Test User"
              }))
        cursor.executemany(
            "INSERT INTO user_credentials VALUES (:user_id, :password)",
            ({"user_id": "82552014-21ee-4321-b96a-b8788b97b862",
              "password": b'$2b$12$LAh1PYtUgAFK7d5fA0EfL.4AdTZuYEAfzwO.p.jXVboxcP8bXNj7a'
              },
             {"user_id": "bdd5cb7a-072d-4c2b-9872-d0cecb718523",
              "password": b'$2b$12$zX77QCFSJuwIjAZGc0Jq5.rCWMHEMKD9Zf3Ay4C0AzwsiZ7SSPdKO'
              }))

        yield with_credentials_table

        cursor.executemany("DELETE FROM user_credentials WHERE user_id=?",
                           (("82552014-21ee-4321-b96a-b8788b97b862",),
                            ("bdd5cb7a-072d-4c2b-9872-d0cecb718523",)))
        cursor.executemany("DELETE FROM users WHERE user_id=?",
                           (("82552014-21ee-4321-b96a-b8788b97b862",),
                            ("bdd5cb7a-072d-4c2b-9872-d0cecb718523",)))

@pytest.mark.unit_test
@given(strategies.emails(), strategies.text())
@settings(suppress_health_check=[HealthCheck.function_scoped_fixture])
def test_credentials_not_in_database(with_credentials, email, password):
    """
    GIVEN: credentials that do not exist in the database
    WHEN: the `credentials_in_database` function is run against the credentials
    THEN: check that the function returns false in all cases.
    """
    with closing(with_credentials.cursor()) as cursor:
        results = credentials_in_database(cursor, email, password)
        assert credentials_in_database(cursor, email, password) is False

@pytest.mark.unit_test
@pytest.mark.parametrize(
    "email,password",
    (("first@test.user", "wrongpassword"),
     ("first@tes.user", "testuser01")))
def test_partially_wrong_credentials(with_credentials, email, password):
    """
    GIVEN: credentials that exist in the database
    WHEN: the credentials are checked with partially wrong values
    THEN: the check fails since the credentials are not correct
    """
    with closing(with_credentials.cursor()) as cursor:
        results = credentials_in_database(cursor, email, password)
        assert credentials_in_database(cursor, email, password) is False

@pytest.mark.unit_test
@pytest.mark.parametrize(
    "email,password",
    (("first@test.user", "testuser01"),
     ("second@test.user", "testuser02")))
def test_partially_wrong_credentials(with_credentials, email, password):
    """
    GIVEN: credentials that exist in the database
    WHEN: the credentials are checked with correct values
    THEN: the check passes
    """
    with closing(with_credentials.cursor()) as cursor:
        results = credentials_in_database(cursor, email, password)
        assert credentials_in_database(cursor, email, password) is True