diff options
author | pennae <github@quasiparticle.net> | 2022-08-10 01:54:20 +0200 |
---|---|---|
committer | pennae <github@quasiparticle.net> | 2022-08-10 01:58:29 +0200 |
commit | aeb116bace23f66a86caf6d5868ea82dfb901e36 (patch) | |
tree | d634ec843f6d5513f487b82331fff23e23f3f20f /tests/conftest.py | |
parent | 6fdf7e463ee939c7f8eacf89d820e7ab405de587 (diff) | |
download | minor-skulk-aeb116bace23f66a86caf6d5868ea82dfb901e36.tar.gz minor-skulk-aeb116bace23f66a86caf6d5868ea82dfb901e36.tar.xz minor-skulk-aeb116bace23f66a86caf6d5868ea82dfb901e36.zip |
don't allow users to edit devices of other users
while device ids should be impossible to guess (being as long as oauth
tokens), we should still guard against malicious activity if they should
ever leak.
Diffstat (limited to 'tests/conftest.py')
-rw-r--r-- | tests/conftest.py | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/tests/conftest.py b/tests/conftest.py index bf877e2..487eff9 100644 --- a/tests/conftest.py +++ b/tests/conftest.py @@ -55,6 +55,17 @@ def _account(client, primary, email, mail_server): email1 = f"test.account-{os.urandom(8).hex()}@test-auth" email2 = f"test.account2-{os.urandom(8).hex()}@test-auth" +@pytest.fixture(scope="class") +def account_plain(request, mail_server): + for a in _account(AuthClient(), True, email1, mail_server): + yield a + break +@pytest.fixture(scope="class") +def account2_plain(request, mail_server): + for a in _account(AuthClient(), True, email2, mail_server): + yield a + break + @pytest.fixture(params=[True, False], ids=["primary", "secondary"], scope="class") def account(request, mail_server): for a in _account(AuthClient(), request.param, email1, mail_server): |