mirror of https://github.com/doccano/doccano.git
pythonannotation-tooldatasetsactive-learningtext-annotationdatasetnatural-language-processingdata-labelingmachine-learning
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
169 lines
5.5 KiB
169 lines
5.5 KiB
from django.contrib.auth import get_user_model
|
|
from django.test import TestCase, override_settings
|
|
from social_core.backends.azuread_tenant import AzureADTenantOAuth2
|
|
from social_core.backends.github import GithubOAuth2
|
|
from social_core.backends.okta import OktaOAuth2
|
|
from social_core.backends.okta_openidconnect import OktaOpenIdConnect
|
|
from vcr_unittest import VCRMixin
|
|
|
|
from .. import social_auth
|
|
|
|
User = get_user_model()
|
|
|
|
|
|
class VCRTestCase(VCRMixin, TestCase):
|
|
@property
|
|
def access_token(self):
|
|
raise NotImplementedError()
|
|
|
|
def _get_vcr(self, **kwargs):
|
|
kwargs['decode_compressed_response'] = True
|
|
kwargs['record_mode'] = 'none' if self.access_token == 'censored' else 'all'
|
|
return super()._get_vcr(**kwargs)
|
|
|
|
def _get_vcr_kwargs(self, **kwargs):
|
|
kwargs['filter_headers'] = ['Authorization']
|
|
return super()._get_vcr_kwargs(**kwargs)
|
|
|
|
|
|
@override_settings(GITHUB_ADMIN_ORG_NAME='CatalystCode')
|
|
@override_settings(GITHUB_ADMIN_TEAM_NAME='doccano-dev')
|
|
class TestGithubSocialAuth(VCRTestCase):
|
|
strategy = None
|
|
backend = GithubOAuth2(strategy=strategy)
|
|
access_token = 'censored'
|
|
|
|
def test_fetch_permissions_is_admin(self):
|
|
user = User()
|
|
|
|
social_auth.fetch_github_permissions(
|
|
strategy=self.strategy,
|
|
details={'username': 'c-w'},
|
|
user=user,
|
|
backend=self.backend,
|
|
response={'access_token': self.access_token},
|
|
)
|
|
|
|
self.assertTrue(user.is_superuser)
|
|
|
|
def test_fetch_permissions_not_admin(self):
|
|
user = User()
|
|
|
|
social_auth.fetch_github_permissions(
|
|
strategy=self.strategy,
|
|
details={'username': 'hirosan'},
|
|
user=user,
|
|
backend=self.backend,
|
|
response={'access_token': self.access_token},
|
|
)
|
|
|
|
self.assertFalse(user.is_superuser)
|
|
|
|
|
|
@override_settings(SOCIAL_AUTH_AZUREAD_TENANT_OAUTH2_KEY='aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa')
|
|
@override_settings(SOCIAL_AUTH_AZUREAD_TENANT_OAUTH2_SECRET='bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb=')
|
|
@override_settings(SOCIAL_AUTH_AZUREAD_TENANT_OAUTH2_TENANT='cccccccc-cccc-cccc-cccc-cccccccccccc')
|
|
class TestAzureADTenantSocialAuth(VCRTestCase):
|
|
strategy = None
|
|
backend = AzureADTenantOAuth2(strategy=strategy)
|
|
access_token = 'censored'
|
|
|
|
@override_settings(AZUREAD_ADMIN_GROUP_ID='dddddddd-dddd-dddd-dddd-dddddddddddd')
|
|
def test_fetch_permissions_is_admin(self):
|
|
user = User()
|
|
|
|
social_auth.fetch_azuread_permissions(
|
|
strategy=self.strategy,
|
|
details={},
|
|
user=user,
|
|
backend=self.backend,
|
|
response={'access_token': self.access_token},
|
|
)
|
|
|
|
self.assertTrue(user.is_superuser)
|
|
|
|
@override_settings(AZUREAD_ADMIN_GROUP_ID='eeeeeeee-eeee-eeee-eeee-eeeeeeeeeeee')
|
|
def test_fetch_permissions_not_admin(self):
|
|
user = User()
|
|
|
|
social_auth.fetch_azuread_permissions(
|
|
strategy=self.strategy,
|
|
details={},
|
|
user=user,
|
|
backend=self.backend,
|
|
response={'access_token': self.access_token},
|
|
)
|
|
|
|
self.assertFalse(user.is_superuser)
|
|
|
|
|
|
@override_settings(SOCIAL_AUTH_OKTA_OAUTH2_KEY='0000000000aaaaaaaaaa') # nosec
|
|
@override_settings(SOCIAL_AUTH_OKTA_OAUTH2_SECRET='bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb=') # nosec
|
|
@override_settings(SOCIAL_AUTH_OKTA_OAUTH2_API_URL='https://dev-000000.okta.com/oauth2') # nosec
|
|
@override_settings(OKTA_OAUTH2_ADMIN_GROUP_NAME='admin-group')
|
|
class TestOktaOAuth2SocialAuth(VCRTestCase):
|
|
strategy = None
|
|
backend = OktaOAuth2(strategy=strategy)
|
|
access_token = 'censored'
|
|
|
|
def test_fetch_permissions_is_admin(self):
|
|
user = User()
|
|
|
|
social_auth.fetch_okta_oauth2_permissions(
|
|
strategy=self.strategy,
|
|
details={},
|
|
user=user,
|
|
backend=self.backend,
|
|
response={'access_token': self.access_token},
|
|
)
|
|
|
|
self.assertTrue(user.is_superuser)
|
|
|
|
def test_fetch_permissions_not_admin(self):
|
|
user = User()
|
|
|
|
social_auth.fetch_okta_oauth2_permissions(
|
|
strategy=self.strategy,
|
|
details={},
|
|
user=user,
|
|
backend=self.backend,
|
|
response={'access_token': self.access_token},
|
|
)
|
|
|
|
self.assertFalse(user.is_superuser)
|
|
|
|
|
|
@override_settings(SOCIAL_AUTH_OKTA_OPENIDCONNECT_KEY='0000000000aaaaaaaaaa') # nosec
|
|
@override_settings(SOCIAL_AUTH_OKTA_OPENIDCONNECT_SECRET='bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb=') # nosec
|
|
@override_settings(SOCIAL_AUTH_OKTA_OPENIDCONNECT_API_URL='https://dev-000000.okta.com/oauth2') # nosec
|
|
@override_settings(OKTA_OPENIDCONNECT_ADMIN_GROUP_NAME='admin-group')
|
|
class TestOktaOpenIdConnectSocialAuth(VCRTestCase):
|
|
strategy = None
|
|
backend = OktaOpenIdConnect(strategy=strategy)
|
|
access_token = 'censored'
|
|
|
|
def test_fetch_permissions_is_admin(self):
|
|
user = User()
|
|
|
|
social_auth.fetch_okta_openidconnect_permissions(
|
|
strategy=self.strategy,
|
|
details={},
|
|
user=user,
|
|
backend=self.backend,
|
|
response={'access_token': self.access_token},
|
|
)
|
|
|
|
self.assertTrue(user.is_superuser)
|
|
|
|
def test_fetch_permissions_not_admin(self):
|
|
user = User()
|
|
|
|
social_auth.fetch_okta_openidconnect_permissions(
|
|
strategy=self.strategy,
|
|
details={},
|
|
user=user,
|
|
backend=self.backend,
|
|
response={'access_token': self.access_token},
|
|
)
|
|
|
|
self.assertFalse(user.is_superuser)
|