Mercurial > p > roundup > code
view test/session_common.py @ 5220:14d8f61e6ef2
Reimplemented anti-csrf measures by raising exceptions rather than
returning booleans.
Redoing it using exceptions was the easiest way to return proper
xmlrpc fault messages to the clients.
Also this code should now properly make values set in the form
override values from the database. So no lost work under some
circumstances if the csrf requirements are not met.
Also this code does a better job of cleaning up old csrf tokens.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Wed, 05 Apr 2017 20:56:08 -0400 |
| parents | 63c79c0992ae |
| children | 62de601bdf6f |
line wrap: on
line source
import os, shutil, unittest from db_test_base import config class SessionTest(object): def setUp(self): # remove previous test, ignore errors if os.path.exists(config.DATABASE): shutil.rmtree(config.DATABASE) os.makedirs(config.DATABASE + '/files') self.db = self.module.Database(config, 'admin') self.sessions = self.sessions_module.Sessions(self.db) self.otks = self.sessions_module.OneTimeKeys(self.db) def tearDown(self): del self.otks del self.sessions if hasattr(self, 'db'): self.db.close() if os.path.exists(config.DATABASE): shutil.rmtree(config.DATABASE) def testList(self): self.sessions.list() self.sessions.set('random_key', text='hello, world!') self.sessions.list() def testGetAll(self): self.sessions.set('random_key', text='hello, world!') self.assertEqual(self.sessions.getall('random_key'), {'text': 'hello, world!'}) def testDestroy(self): self.sessions.set('random_key', text='hello, world!') self.assertEquals(self.sessions.getall('random_key'), {'text': 'hello, world!'}) self.sessions.destroy('random_key') self.assertRaises(KeyError, self.sessions.getall, 'random_key') def testSetSession(self): self.sessions.set('random_key', text='hello, world!') self.assertEqual(self.sessions.get('random_key', 'text'), 'hello, world!') def testUpdateSession(self): self.sessions.set('random_key', text='hello, world!') self.assertEqual(self.sessions.get('random_key', 'text'), 'hello, world!') self.sessions.set('random_key', text='nope') self.assertEqual(self.sessions.get('random_key', 'text'), 'nope') class DBMTest(SessionTest): import roundup.backends.sessions_dbm as sessions_module class RDBMSTest(SessionTest): import roundup.backends.sessions_rdbms as sessions_module