Blame tests/test_pagure_flask_api_auth.py

Pierre-Yves Chibon f329bb
# -*- coding: utf-8 -*-
Pierre-Yves Chibon f329bb
Pierre-Yves Chibon f329bb
"""
Pierre-Yves Chibon f329bb
 (c) 2015 - Copyright Red Hat Inc
Pierre-Yves Chibon f329bb
Pierre-Yves Chibon f329bb
 Authors:
Pierre-Yves Chibon f329bb
   Pierre-Yves Chibon <pingou@pingoured.fr></pingou@pingoured.fr>
Pierre-Yves Chibon f329bb
Pierre-Yves Chibon f329bb
"""
Pierre-Yves Chibon f329bb
Aurélien Bompard dcf6f6
from __future__ import unicode_literals
Aurélien Bompard dcf6f6
Pierre-Yves Chibon f329bb
__requires__ = ['SQLAlchemy >= 0.8']
Pierre-Yves Chibon f329bb
import pkg_resources
Pierre-Yves Chibon f329bb
Pierre-Yves Chibon f329bb
import unittest
Pierre-Yves Chibon f329bb
import shutil
Pierre-Yves Chibon f329bb
import sys
Pierre-Yves Chibon f329bb
import os
Pierre-Yves Chibon f329bb
Pierre-Yves Chibon f329bb
import json
Pierre-Yves Chibon f329bb
from mock import patch
Pierre-Yves Chibon f329bb
Pierre-Yves Chibon f329bb
sys.path.insert(0, os.path.join(os.path.dirname(
Pierre-Yves Chibon f329bb
    os.path.abspath(__file__)), '..'))
Pierre-Yves Chibon f329bb
Jeremy Cline 099538
import pagure.api
Pierre-Yves Chibon f329bb
import pagure.lib
Pierre-Yves Chibon f329bb
import tests
Pierre-Yves Chibon f329bb
Pierre-Yves Chibon f329bb
Clement Verna 109c4b
class PagureFlaskApiAuthtests(tests.SimplePagureTest):
Pierre-Yves Chibon f329bb
    """ Tests for the authentication in the flask API of pagure """
Pierre-Yves Chibon f329bb
Pierre-Yves Chibon f329bb
    def test_auth_no_data(self):
Pierre-Yves Chibon f329bb
        """ Test the authentication when there is nothing in the database.
Pierre-Yves Chibon f329bb
        """
Pierre-Yves Chibon f329bb
Pierre-Yves Chibon f329bb
        output = self.app.post('/api/0/foo/new_issue')
Pierre-Yves Chibon f329bb
        self.assertEqual(output.status_code, 401)
Aurélien Bompard 626417
        data = json.loads(output.get_data(as_text=True))
Jeremy Cline 099538
        self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.name,
Jeremy Cline 099538
                         data['error_code'])
Jeremy Cline 099538
        self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.value, data['error'])
Pierre-Yves Chibon f329bb
Pierre-Yves Chibon f329bb
        headers = {'Authorization': 'token aabbbccc'}
Pierre-Yves Chibon f329bb
Pierre-Yves Chibon f329bb
        output = self.app.post('/api/0/foo/new_issue', headers=headers)
Pierre-Yves Chibon f329bb
        self.assertEqual(output.status_code, 401)
Aurélien Bompard 626417
        data = json.loads(output.get_data(as_text=True))
Jeremy Cline 099538
        self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.name,
Jeremy Cline 099538
                         data['error_code'])
Jeremy Cline 099538
        self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.value, data['error'])
Pierre-Yves Chibon f329bb
Pierre-Yves Chibon 4a1511
    def test_auth_noacl(self):
Pierre-Yves Chibon 4a1511
        """ Test the authentication when the token does not have any ACL.
Pierre-Yves Chibon 4a1511
        """
Pierre-Yves Chibon 4a1511
        tests.create_projects(self.session)
Pierre-Yves Chibon 4a1511
        tests.create_tokens(self.session)
Pierre-Yves Chibon 4a1511
Pierre-Yves Chibon 4a1511
        output = self.app.post('/api/0/test/new_issue')
Pierre-Yves Chibon 4a1511
        self.assertEqual(output.status_code, 401)
Aurélien Bompard 626417
        data = json.loads(output.get_data(as_text=True))
Jeremy Cline 099538
        self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.name,
Jeremy Cline 099538
                         data['error_code'])
Jeremy Cline 099538
        self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.value, data['error'])
Pierre-Yves Chibon 4a1511
Pierre-Yves Chibon 4a1511
        headers = {'Authorization': 'token aaabbbcccddd'}
Pierre-Yves Chibon 4a1511
Pierre-Yves Chibon 4a1511
        output = self.app.post('/api/0/test/new_issue', headers=headers)
Pierre-Yves Chibon 4a1511
        self.assertEqual(output.status_code, 401)
Aurélien Bompard 626417
        data = json.loads(output.get_data(as_text=True))
Jeremy Cline 099538
        self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.name,
Jeremy Cline 099538
                         data['error_code'])
Jeremy Cline 099538
        self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.value, data['error'])
Pierre-Yves Chibon 4a1511
Pierre-Yves Chibon dccbc8
    def test_auth_expired(self):
Pierre-Yves Chibon dccbc8
        """ Test the authentication when the token has expired.
Pierre-Yves Chibon dccbc8
        """
Pierre-Yves Chibon dccbc8
        tests.create_projects(self.session)
Pierre-Yves Chibon dccbc8
        tests.create_tokens(self.session)
Pierre-Yves Chibon dccbc8
Pierre-Yves Chibon dccbc8
        output = self.app.post('/api/0/test/new_issue')
Pierre-Yves Chibon dccbc8
        self.assertEqual(output.status_code, 401)
Aurélien Bompard 626417
        data = json.loads(output.get_data(as_text=True))
Jeremy Cline 099538
        self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.name,
Jeremy Cline 099538
                         data['error_code'])
Jeremy Cline 099538
        self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.value, data['error'])
Pierre-Yves Chibon dccbc8
Pierre-Yves Chibon dccbc8
        headers = {'Authorization': 'token expired_token'}
Pierre-Yves Chibon dccbc8
Pierre-Yves Chibon dccbc8
        output = self.app.post('/api/0/test/new_issue', headers=headers)
Pierre-Yves Chibon dccbc8
        self.assertEqual(output.status_code, 401)
Aurélien Bompard 626417
        data = json.loads(output.get_data(as_text=True))
Jeremy Cline 099538
        self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.name,
Jeremy Cline 099538
                         data['error_code'])
Jeremy Cline 099538
        self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.value, data['error'])
Pierre-Yves Chibon dccbc8
Pierre-Yves Chibon 37d1e9
    def test_auth(self):
Pierre-Yves Chibon 37d1e9
        """ Test the token based authentication.
Pierre-Yves Chibon 37d1e9
        """
Pierre-Yves Chibon 37d1e9
        tests.create_projects(self.session)
Pierre-Yves Chibon 37d1e9
        tests.create_tokens(self.session)
Pierre-Yves Chibon 37d1e9
        tests.create_tokens_acl(self.session)
Pierre-Yves Chibon 37d1e9
Pierre-Yves Chibon 37d1e9
        output = self.app.post('/api/0/test/new_issue')
Pierre-Yves Chibon 37d1e9
        self.assertEqual(output.status_code, 401)
Aurélien Bompard 626417
        data = json.loads(output.get_data(as_text=True))
Jeremy Cline 099538
        self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.name,
Jeremy Cline 099538
                         data['error_code'])
Jeremy Cline 099538
        self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.value, data['error'])
Pierre-Yves Chibon 37d1e9
Pierre-Yves Chibon 37d1e9
        headers = {'Authorization': 'token aaabbbcccddd'}
Pierre-Yves Chibon 37d1e9
Pierre-Yves Chibon 37d1e9
        output = self.app.post('/api/0/test/new_issue', headers=headers)
Pierre-Yves Chibon 37d1e9
        self.assertEqual(output.status_code, 400)
Aurélien Bompard 626417
        data = json.loads(output.get_data(as_text=True))
Pierre-Yves Chibon 37d1e9
        self.assertDictEqual(
Pierre-Yves Chibon 37d1e9
            data,
Pierre-Yves Chibon 37d1e9
            {
René Genz dadd94
              "error": "Invalid or incomplete input submitted",
Pierre-Yves Chibon 0af224
              "error_code": "EINVALIDREQ",
Pierre-Yves Chibon fe29d7
              "errors": {
Pierre-Yves Chibon fe29d7
                "issue_content": ["This field is required."],
Pierre-Yves Chibon fe29d7
                "title": ["This field is required."]
Pierre-Yves Chibon fe29d7
              }
Pierre-Yves Chibon 37d1e9
            }
Pierre-Yves Chibon 37d1e9
        )
Pierre-Yves Chibon 37d1e9
Pierre-Yves Chibon f329bb
Pierre-Yves Chibon f329bb
if __name__ == '__main__':
Pierre-Yves Chibon 393f31
    unittest.main(verbosity=2)