2995 |
2995 |
assert data['is_superuser'] is False
|
2996 |
2996 |
assert data['restrict_to_anonymised_data'] is False
|
2997 |
2997 |
assert data['roles'] == [role1.uuid]
|
|
2998 |
|
|
2999 |
|
|
3000 |
def test_api_basic_authz_user_phone_number(app, settings, superuser):
|
|
3001 |
settings.A2_ACCEPT_PHONE_AUTHENTICATION = True
|
|
3002 |
Attribute.objects.get_or_create(name='phone', kind='phone_number')
|
|
3003 |
|
|
3004 |
headers = {'Authorization': 'Basic abc'}
|
|
3005 |
app.get('/api/users/', headers=headers, status=401)
|
|
3006 |
|
|
3007 |
headers = basic_authorization_header(superuser)
|
|
3008 |
app.get('/api/users/', headers=headers, status=200)
|
|
3009 |
|
|
3010 |
superuser.phone = '+33499985643'
|
|
3011 |
superuser.save()
|
|
3012 |
|
|
3013 |
# authn valid
|
|
3014 |
headers = basic_authorization_header('+33499985643', superuser.username)
|
|
3015 |
app.get('/api/users/', headers=headers, status=200)
|
|
3016 |
|
|
3017 |
# non E.164 representations
|
|
3018 |
headers = basic_authorization_header('+33499985643 ', superuser.username)
|
|
3019 |
app.get('/api/users/', headers=headers, status=401)
|
|
3020 |
|
|
3021 |
headers = basic_authorization_header('+33-4/99/985643', superuser.username)
|
|
3022 |
app.get('/api/users/', headers=headers, status=401)
|
|
3023 |
|
|
3024 |
headers = basic_authorization_header('0499985643', superuser.username)
|
|
3025 |
app.get('/api/users/', headers=headers, status=401)
|
|
3026 |
|
|
3027 |
# E.164 yet wrong phone number
|
|
3028 |
headers = basic_authorization_header('+33499985644', superuser.username)
|
|
3029 |
app.get('/api/users/', headers=headers, status=401)
|