ceph/src/pybind/mgr/dashboard/tests/test_auth.py

   1 import unittest
   2 from unittest.mock import Mock, patch
   3
   4 from .. import mgr
   5 from ..controllers.auth import Auth
   6 from ..services.auth import JwtManager
   7 from ..tests import ControllerTestCase
   8
   9 mgr.get_module_option.return_value = JwtManager.JWT_TOKEN_TTL
  10 mgr.get_store.return_value = 'jwt_secret'
  11 mgr.ACCESS_CTRL_DB = Mock()
  12 mgr.ACCESS_CTRL_DB.get_attempt.return_value = 1
  13
  14
  15 class JwtManagerTest(unittest.TestCase):
  16
  17     def test_generate_token_and_decode(self):
  18         mgr.get_module_option.return_value = JwtManager.JWT_TOKEN_TTL
  19         mgr.get_store.return_value = 'jwt_secret'
  20
  21         token = JwtManager.gen_token('my-username')
  22         self.assertIsInstance(token, str)
  23         self.assertTrue(token)
  24
  25         decoded_token = JwtManager.decode_token(token)
  26         self.assertIsInstance(decoded_token, dict)
  27         self.assertEqual(decoded_token['iss'], 'ceph-dashboard')
  28         self.assertEqual(decoded_token['username'], 'my-username')
  29
  30
  31 class AuthTest(ControllerTestCase):
  32
  33     @classmethod
  34     def setup_server(cls):
  35         cls.setup_controllers([Auth])
  36
  37     def test_request_not_authorized(self):
  38         self.setup_controllers([Auth], cp_config={'tools.authenticate.on': True})
  39         self._post('/api/auth/logout')
  40         self.assertStatus(401)
  41
  42     @patch('dashboard.controllers.auth.JwtManager.gen_token', Mock(return_value='my-token'))
  43     @patch('dashboard.controllers.auth.AuthManager.authenticate', Mock(return_value={
  44         'permissions': {'rgw': ['read']},
  45         'pwdExpirationDate': 1000000,
  46         'pwdUpdateRequired': False
  47     }))
  48     def test_login(self):
  49         self._post('/api/auth', {'username': 'my-user', 'password': 'my-pass'})
  50         self.assertStatus(201)
  51         self.assertJsonBody({
  52             'token': 'my-token',
  53             'username': 'my-user',
  54             'permissions': {'rgw': ['read']},
  55             'pwdExpirationDate': 1000000,
  56             'sso': False,
  57             'pwdUpdateRequired': False
  58         })
  59
  60     @patch('dashboard.controllers.auth.JwtManager', Mock())
  61     def test_logout(self):
  62         self._post('/api/auth/logout')
  63         self.assertStatus(200)
  64         self.assertJsonBody({
  65             'redirect_url': '#/login'
  66         })