supysonic/tests/managers/test_manager_user.py

#!/usr/bin/env python
# -*- coding: utf-8 -*-
# vim:fenc=utf-8
#
# This file is part of Supysonic.
# Supysonic is a Python implementation of the Subsonic server API.
#
# Copyright (C) 2013-2017 Alban 'spl0k' Féron
#                    2017 Óscar García Amor
#
# Distributed under terms of the GNU AGPLv3 license.

from supysonic import db
from supysonic.managers.user import UserManager

import io
import unittest
import uuid

from pony.orm import db_session
from pony.orm import ObjectNotFound

class UserManagerTestCase(unittest.TestCase):
    def setUp(self):
        # Create an empty sqlite database in memory
        self.store = db.get_database('sqlite:', True)

    @db_session
    def create_data(self):
        # Create some users
        self.assertEqual(UserManager.add('alice', 'ALICE', 'test@example.com', True), UserManager.SUCCESS)
        self.assertEqual(UserManager.add('bob', 'BOB', 'bob@example.com', False), UserManager.SUCCESS)
        self.assertEqual(UserManager.add('charlie', 'CHARLIE', 'charlie@example.com', False), UserManager.SUCCESS)

        folder = db.Folder(name = 'Root', path = 'tests/assets', root = True)
        artist = db.Artist(name = 'Artist')
        album = db.Album(name = 'Album', artist = artist)
        track = db.Track(
            title = 'Track',
            disc = 1,
            number = 1,
            duration = 1,
            artist = artist,
            album = album,
            path = 'tests/assets/empty',
            folder = folder,
            root_folder = folder,
            content_type = 'audio/mpeg',
            bitrate = 320,
            last_modification = 0
        )

        playlist = db.Playlist(
            name = 'Playlist',
            user = db.User.get(name = 'alice')
        )
        playlist.add(track)

    def tearDown(self):
        db.release_database(self.store)

    def test_encrypt_password(self):
        func = UserManager._UserManager__encrypt_password
        self.assertEqual(func(u'password',u'salt'), (u'59b3e8d637cf97edbe2384cf59cb7453dfe30789', u'salt'))
        self.assertEqual(func(u'pass-word',u'pepper'), (u'd68c95a91ed7773aa57c7c044d2309a5bf1da2e7', u'pepper'))
        self.assertEqual(func(u'éèàïô', u'ABC+'), (u'b639ba5217b89c906019d89d5816b407d8730898', u'ABC+'))

    @db_session
    def test_get_user(self):
        self.create_data()

        # Get existing users
        for name in ['alice', 'bob', 'charlie']:
            user = db.User.get(name = name)
            self.assertEqual(UserManager.get(user.id), (UserManager.SUCCESS, user))

        # Get with invalid UUID
        self.assertEqual(UserManager.get('invalid-uuid'), (UserManager.INVALID_ID, None))
        self.assertEqual(UserManager.get(0xfee1bad), (UserManager.INVALID_ID, None))

        # Non-existent user
        self.assertEqual(UserManager.get(uuid.uuid4()), (UserManager.NO_SUCH_USER, None))

    @db_session
    def test_add_user(self):
        self.create_data()
        self.assertEqual(db.User.select().count(), 3)

        # Create duplicate
        self.assertEqual(UserManager.add('alice', 'Alic3', 'alice@example.com', True), UserManager.NAME_EXISTS)

    @db_session
    def test_delete_user(self):
        self.create_data()

        # Delete invalid UUID
        self.assertEqual(UserManager.delete('invalid-uuid'), UserManager.INVALID_ID)
        self.assertEqual(UserManager.delete(0xfee1b4d), UserManager.INVALID_ID)
        self.assertEqual(db.User.select().count(), 3)

        # Delete non-existent user
        self.assertEqual(UserManager.delete(uuid.uuid4()), UserManager.NO_SUCH_USER)
        self.assertEqual(db.User.select().count(), 3)

        # Delete existing users
        for name in ['alice', 'bob', 'charlie']:
            user = db.User.get(name = name)
            self.assertEqual(UserManager.delete(user.id), UserManager.SUCCESS)
            self.assertRaises(ObjectNotFound, db.User.__getitem__, user.id)
        self.store.commit()
        self.assertEqual(db.User.select().count(), 0)

    @db_session
    def test_delete_by_name(self):
        self.create_data()

        # Delete existing users
        for name in ['alice', 'bob', 'charlie']:
            self.assertEqual(UserManager.delete_by_name(name), UserManager.SUCCESS)
            self.assertFalse(db.User.exists(name = name))

        # Delete non-existent user
        self.assertEqual(UserManager.delete_by_name('null'), UserManager.NO_SUCH_USER)

    @db_session
    def test_try_auth(self):
        self.create_data()

        # Test authentication
        for name in ['alice', 'bob', 'charlie']:
            user = db.User.get(name = name)
            self.assertEqual(UserManager.try_auth(name, name.upper()), (UserManager.SUCCESS, user))

        # Wrong password
        self.assertEqual(UserManager.try_auth('alice', 'bad'), (UserManager.WRONG_PASS, None))
        self.assertEqual(UserManager.try_auth('alice', 'alice'), (UserManager.WRONG_PASS, None))

        # Non-existent user
        self.assertEqual(UserManager.try_auth('null', 'null'), (UserManager.NO_SUCH_USER, None))

    @db_session
    def test_change_password(self):
        self.create_data()

        # With existing users
        for name in ['alice', 'bob', 'charlie']:
            user = db.User.get(name = name)
            # Good password
            self.assertEqual(UserManager.change_password(user.id, name.upper(), 'newpass'), UserManager.SUCCESS)
            self.assertEqual(UserManager.try_auth(name, 'newpass'), (UserManager.SUCCESS, user))
            # Old password
            self.assertEqual(UserManager.try_auth(name, name.upper()), (UserManager.WRONG_PASS, None))
            # Wrong password
            self.assertEqual(UserManager.change_password(user.id, 'badpass', 'newpass'), UserManager.WRONG_PASS)

        # Ensure we still got the same number of users
        self.assertEqual(db.User.select().count(), 3)

        # With invalid UUID
        self.assertEqual(UserManager.change_password('invalid-uuid', 'oldpass', 'newpass'), UserManager.INVALID_ID)

        # Non-existent user
        self.assertEqual(UserManager.change_password(uuid.uuid4(), 'oldpass', 'newpass'), UserManager.NO_SUCH_USER)

    @db_session
    def test_change_password2(self):
        self.create_data()

        # With existing users
        for name in ['alice', 'bob', 'charlie']:
            self.assertEqual(UserManager.change_password2(name, 'newpass'), UserManager.SUCCESS)
            user = db.User.get(name = name)
            self.assertEqual(UserManager.try_auth(name, 'newpass'), (UserManager.SUCCESS, user))
            self.assertEqual(UserManager.try_auth(name, name.upper()), (UserManager.WRONG_PASS, None))

        # Non-existent user
        self.assertEqual(UserManager.change_password2('null', 'newpass'), UserManager.NO_SUCH_USER)

    def test_human_readable_error(self):
        values = [ UserManager.SUCCESS, UserManager.INVALID_ID, UserManager.NO_SUCH_USER, UserManager.NAME_EXISTS,
            UserManager.WRONG_PASS, 1594826, 'string', uuid.uuid4() ]
        for value in values:
            self.assertIsInstance(UserManager.error_str(value), basestring)

if __name__ == '__main__':
    unittest.main()