Nikolay Tatarinov
59ba2a9ca4
- Added functionality to normalize phone numbers for comparison, ensuring only digits are stored and checked. - Updated configuration to include optional phone number allowlists for users and admins in the environment settings. - Enhanced authentication logic to allow access based on normalized phone numbers, in addition to usernames. - Introduced new helper functions for parsing and validating phone numbers, improving code organization and maintainability. - Added unit tests to validate phone normalization and access control based on phone numbers.
70 lines
2.8 KiB
Python
70 lines
2.8 KiB
Python
"""Tests for config.is_admin and config.can_access_miniapp."""
|
|
|
|
import duty_teller.config as config
|
|
|
|
|
|
def test_is_admin_true_when_in_admin_list(monkeypatch):
|
|
monkeypatch.setattr(config, "ADMIN_USERNAMES", {"admin1", "admin2"})
|
|
assert config.is_admin("admin1") is True
|
|
assert config.is_admin("ADMIN1") is True
|
|
assert config.is_admin("admin2") is True
|
|
|
|
|
|
def test_is_admin_false_when_not_in_list(monkeypatch):
|
|
monkeypatch.setattr(config, "ADMIN_USERNAMES", {"admin1"})
|
|
assert config.is_admin("other") is False
|
|
assert config.is_admin("") is False
|
|
|
|
|
|
def test_can_access_miniapp_allowed_username(monkeypatch):
|
|
monkeypatch.setattr(config, "ALLOWED_USERNAMES", {"user1"})
|
|
monkeypatch.setattr(config, "ADMIN_USERNAMES", set())
|
|
assert config.can_access_miniapp("user1") is True
|
|
assert config.can_access_miniapp("USER1") is True
|
|
|
|
|
|
def test_can_access_miniapp_admin_has_access(monkeypatch):
|
|
monkeypatch.setattr(config, "ALLOWED_USERNAMES", set())
|
|
monkeypatch.setattr(config, "ADMIN_USERNAMES", {"admin1"})
|
|
assert config.can_access_miniapp("admin1") is True
|
|
|
|
|
|
def test_can_access_miniapp_denied(monkeypatch):
|
|
monkeypatch.setattr(config, "ALLOWED_USERNAMES", {"user1"})
|
|
monkeypatch.setattr(config, "ADMIN_USERNAMES", set())
|
|
assert config.can_access_miniapp("other") is False
|
|
assert config.can_access_miniapp("") is False
|
|
|
|
|
|
def test_normalize_phone():
|
|
"""Phone is normalized to digits only."""
|
|
assert config.normalize_phone("+7 900 123-45-67") == "79001234567"
|
|
assert config.normalize_phone("8 (900) 123-45-67") == "89001234567"
|
|
assert config.normalize_phone("79001234567") == "79001234567"
|
|
assert config.normalize_phone("") == ""
|
|
assert config.normalize_phone(None) == ""
|
|
|
|
|
|
def test_can_access_miniapp_by_phone(monkeypatch):
|
|
monkeypatch.setattr(config, "ALLOWED_PHONES", {"79001234567", "79007654321"})
|
|
monkeypatch.setattr(config, "ADMIN_PHONES", set())
|
|
assert config.can_access_miniapp_by_phone("+7 900 123-45-67") is True
|
|
assert config.can_access_miniapp_by_phone("79007654321") is True
|
|
assert config.can_access_miniapp_by_phone("79001111111") is False
|
|
assert config.can_access_miniapp_by_phone(None) is False
|
|
assert config.can_access_miniapp_by_phone("") is False
|
|
|
|
|
|
def test_can_access_miniapp_by_phone_admin(monkeypatch):
|
|
monkeypatch.setattr(config, "ALLOWED_PHONES", set())
|
|
monkeypatch.setattr(config, "ADMIN_PHONES", {"79001111111"})
|
|
assert config.can_access_miniapp_by_phone("+7 900 111-11-11") is True
|
|
assert config.can_access_miniapp_by_phone("79002222222") is False
|
|
|
|
|
|
def test_is_admin_by_phone(monkeypatch):
|
|
monkeypatch.setattr(config, "ADMIN_PHONES", {"79001111111"})
|
|
assert config.is_admin_by_phone("+7 900 111-11-11") is True
|
|
assert config.is_admin_by_phone("79001234567") is False
|
|
assert config.is_admin_by_phone(None) is False
|