drafting test

Author: pcrespov

packages/pytest-simcore/src/pytest_simcore/helpers/webserver_login.py

@@ -9,7 +9,7 @@
 from models_library.users import UserID
 from servicelib.aiohttp import status
 from simcore_service_webserver.db.models import UserRole, UserStatus
-from simcore_service_webserver.groups.api import auto_add_user_to_product_group
+from simcore_service_webserver.groups import api as groups_service
 from simcore_service_webserver.login._constants import MSG_LOGGED_IN
 from simcore_service_webserver.login._invitations_service import create_invitation_token
 from simcore_service_webserver.login._login_repository_legacy import (
@@ -109,7 +109,9 @@ async def _register_user_in_default_product(app: web.Application, user_id: UserI
     assert products
     product_name = products[0].name
 
-    return await auto_add_user_to_product_group(app, user_id, product_name=product_name)
+    return await groups_service.auto_add_user_to_product_group(
+        app, user_id, product_name=product_name
+    )
 
 
 async def _create_account(

services/web/server/src/simcore_service_webserver/application.py

@@ -28,7 +28,7 @@
 from .groups.plugin import setup_groups
 from .invitations.plugin import setup_invitations
 from .licenses.plugin import setup_licenses
-from .login.plugin import setup_login
+from .login.plugin import setup_login, setup_login_auth
 from .long_running_tasks import setup_long_running_tasks
 from .notifications.plugin import setup_notifications
 from .payments.plugin import setup_payments
@@ -169,20 +169,21 @@ def create_application() -> web.Application:
     return app
 
 
-def create_application_authz() -> web.Application:
+def create_application_auth() -> web.Application:
     app = create_safe_application()
     setup_settings(app)
-
-    setup_db(app)
-    setup_session(app)
-    setup_security(app)
     setup_rest(app)
+    setup_db(app)
+
+    setup_login_auth(app)
 
     # NOTE: *last* events
     app.on_startup.append(_welcome_banner)
     app.on_shutdown.append(_finished_banner)
 
-    _logger.debug("Routes in this app: \n %s", pformat(app.router.named_resources()))
+    _logger.debug(
+        "Routes in application-auth: \n %s", pformat(app.router.named_resources())
+    )
 
     return app
 

services/web/server/src/simcore_service_webserver/login_auth/plugin.py

@@ -13,7 +13,7 @@
 
 @ensure_single_setup(__name__, logger=_logger)
 def setup_login_auth(app: web.Application):
-    setup_products(app)
+    setup_products(app, rpc_enabled=False)
     setup_security(app)
     setup_rest(app)
 

services/web/server/src/simcore_service_webserver/products/plugin.py

@@ -23,7 +23,7 @@
     settings_name="WEBSERVER_PRODUCTS",
     logger=_logger,
 )
-def setup_products(app: web.Application):
+def setup_products(app: web.Application, *, rpc_enabled: bool = True):
     #
     # NOTE: internal import speeds up booting app
     # specially if this plugin is not set up to be loaded
@@ -34,10 +34,14 @@ def setup_products(app: web.Application):
 
     assert app[APP_SETTINGS_KEY].WEBSERVER_PRODUCTS is True  # nosec
 
+    # rest API
     app.middlewares.append(_web_middlewares.discover_product_middleware)
-
     app.router.add_routes(rest.routes)
 
-    rpc.setup_rpc(app)
+    # rpc API (optional)
+    if rpc_enabled:
+        rpc.setup_rpc(app)
+    else:
+        _logger.info("Skipping RPC api in products plugin")
 
     _web_events.setup_web_events(app)

services/web/server/tests/unit/with_dbs/03/test_login_auth_app.py

@@ -0,0 +1,90 @@
+# pylint: disable=protected-access
+# pylint: disable=redefined-outer-name
+# pylint: disable=too-many-arguments
+# pylint: disable=unused-argument
+# pylint: disable=unused-variable
+
+from collections.abc import Callable
+
+import pytest
+import pytest_asyncio
+import sqlalchemy as sa
+from aiohttp import web
+from aiohttp.test_utils import TestClient, TestServer
+from pytest_simcore.helpers.assert_checks import assert_status
+from pytest_simcore.helpers.typing_env import EnvVarsDict
+from pytest_simcore.helpers.webserver_login import UserInfoDict
+from servicelib.aiohttp import status
+from simcore_service_webserver.application import create_application_auth
+from simcore_service_webserver.security import security_web
+
+
+@pytest.fixture
+async def auth_app(
+    app_environment: EnvVarsDict,
+    disable_static_webserver: Callable,
+) -> web.Application:
+    assert app_environment
+
+    # creates auth application instead
+    app = create_application_auth()
+
+    # checks endpoint exposed
+    url = app.router["check_auth"].url_for()
+    assert url.path == "/v0/auth:check"
+
+    disable_static_webserver(app)
+    return app
+
+
+@pytest_asyncio.fixture(loop_scope="function")
+async def web_server(
+    postgres_db: sa.engine.Engine,
+    auth_app: web.Application,
+    webserver_test_server_port: int,
+    # tools
+    aiohttp_server: Callable,
+    mocked_send_email: None,
+) -> TestServer:
+    # Overrides tests/unit/with_dbs/context.py:web_server fixture
+
+    # Add test routes for login/logout
+    async def test_login(request: web.Request) -> web.Response:
+        data = await request.json()
+        response = web.Response(status=200)
+        return await security_web.remember_identity(
+            request, response, user_email=data["email"]
+        )
+
+    async def test_logout(request: web.Request) -> web.Response:
+        response = web.Response(status=200)
+        await security_web.forget_identity(request, response)
+        return response
+
+    auth_app.router.add_post("/v0/test/login", test_login)
+    auth_app.router.add_post("/v0/test/logout", test_logout)
+
+    return await aiohttp_server(auth_app, port=webserver_test_server_port)
+
+
+# @pytest.mark.parametrize(
+#     "user_role", [role for role in UserRole if role > UserRole.ANONYMOUS]
+# )
+async def test_check_endpoint_in_auth_app(client: TestClient, user: UserInfoDict):
+    assert client.app
+
+    # user is not signed it (ANONYMOUS)
+    response = await client.get("/v0/auth:check")
+    await assert_status(response, status.HTTP_401_UNAUTHORIZED)
+
+    # Sign in using test login route
+    await client.post("/v0/test/login", json={"email": user["email"]})
+
+    # Now user should be authorized
+    response = await client.get("/v0/auth:check")
+    await assert_status(response, status.HTTP_204_NO_CONTENT)
+
+    await client.post("/v0/test/logout")
+
+    response = await client.get("/v0/auth:check")
+    await assert_status(response, status.HTTP_401_UNAUTHORIZED)