|
Pierre-Yves Chibon |
f329bb |
# -*- coding: utf-8 -*-
|
|
Pierre-Yves Chibon |
f329bb |
|
|
Pierre-Yves Chibon |
f329bb |
"""
|
|
Pierre-Yves Chibon |
f329bb |
(c) 2015 - Copyright Red Hat Inc
|
|
Pierre-Yves Chibon |
f329bb |
|
|
Pierre-Yves Chibon |
f329bb |
Authors:
|
|
Pierre-Yves Chibon |
f329bb |
Pierre-Yves Chibon <pingou@pingoured.fr></pingou@pingoured.fr>
|
|
Pierre-Yves Chibon |
f329bb |
|
|
Pierre-Yves Chibon |
f329bb |
"""
|
|
Pierre-Yves Chibon |
f329bb |
|
|
Aurélien Bompard |
dcf6f6 |
from __future__ import unicode_literals
|
|
Aurélien Bompard |
dcf6f6 |
|
|
Pierre-Yves Chibon |
f329bb |
__requires__ = ['SQLAlchemy >= 0.8']
|
|
Pierre-Yves Chibon |
f329bb |
import pkg_resources
|
|
Pierre-Yves Chibon |
f329bb |
|
|
Pierre-Yves Chibon |
f329bb |
import unittest
|
|
Pierre-Yves Chibon |
f329bb |
import shutil
|
|
Pierre-Yves Chibon |
f329bb |
import sys
|
|
Pierre-Yves Chibon |
f329bb |
import os
|
|
Pierre-Yves Chibon |
f329bb |
|
|
Pierre-Yves Chibon |
f329bb |
import json
|
|
Pierre-Yves Chibon |
f329bb |
from mock import patch
|
|
Pierre-Yves Chibon |
f329bb |
|
|
Pierre-Yves Chibon |
f329bb |
sys.path.insert(0, os.path.join(os.path.dirname(
|
|
Pierre-Yves Chibon |
f329bb |
os.path.abspath(__file__)), '..'))
|
|
Pierre-Yves Chibon |
f329bb |
|
|
Jeremy Cline |
099538 |
import pagure.api
|
|
Pierre-Yves Chibon |
f329bb |
import pagure.lib
|
|
Pierre-Yves Chibon |
f329bb |
import tests
|
|
Pierre-Yves Chibon |
f329bb |
|
|
Pierre-Yves Chibon |
f329bb |
|
|
Clement Verna |
109c4b |
class PagureFlaskApiAuthtests(tests.SimplePagureTest):
|
|
Pierre-Yves Chibon |
f329bb |
""" Tests for the authentication in the flask API of pagure """
|
|
Pierre-Yves Chibon |
f329bb |
|
|
Pierre-Yves Chibon |
f329bb |
def test_auth_no_data(self):
|
|
Pierre-Yves Chibon |
f329bb |
""" Test the authentication when there is nothing in the database.
|
|
Pierre-Yves Chibon |
f329bb |
"""
|
|
Pierre-Yves Chibon |
f329bb |
|
|
Pierre-Yves Chibon |
f329bb |
output = self.app.post('/api/0/foo/new_issue')
|
|
Pierre-Yves Chibon |
f329bb |
self.assertEqual(output.status_code, 401)
|
|
Aurélien Bompard |
626417 |
data = json.loads(output.get_data(as_text=True))
|
|
Jeremy Cline |
099538 |
self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.name,
|
|
Jeremy Cline |
099538 |
data['error_code'])
|
|
Jeremy Cline |
099538 |
self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.value, data['error'])
|
|
Pierre-Yves Chibon |
f329bb |
|
|
Pierre-Yves Chibon |
f329bb |
headers = {'Authorization': 'token aabbbccc'}
|
|
Pierre-Yves Chibon |
f329bb |
|
|
Pierre-Yves Chibon |
f329bb |
output = self.app.post('/api/0/foo/new_issue', headers=headers)
|
|
Pierre-Yves Chibon |
f329bb |
self.assertEqual(output.status_code, 401)
|
|
Aurélien Bompard |
626417 |
data = json.loads(output.get_data(as_text=True))
|
|
Jeremy Cline |
099538 |
self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.name,
|
|
Jeremy Cline |
099538 |
data['error_code'])
|
|
Jeremy Cline |
099538 |
self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.value, data['error'])
|
|
Pierre-Yves Chibon |
f329bb |
|
|
Pierre-Yves Chibon |
4a1511 |
def test_auth_noacl(self):
|
|
Pierre-Yves Chibon |
4a1511 |
""" Test the authentication when the token does not have any ACL.
|
|
Pierre-Yves Chibon |
4a1511 |
"""
|
|
Pierre-Yves Chibon |
4a1511 |
tests.create_projects(self.session)
|
|
Pierre-Yves Chibon |
4a1511 |
tests.create_tokens(self.session)
|
|
Pierre-Yves Chibon |
4a1511 |
|
|
Pierre-Yves Chibon |
4a1511 |
output = self.app.post('/api/0/test/new_issue')
|
|
Pierre-Yves Chibon |
4a1511 |
self.assertEqual(output.status_code, 401)
|
|
Aurélien Bompard |
626417 |
data = json.loads(output.get_data(as_text=True))
|
|
Jeremy Cline |
099538 |
self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.name,
|
|
Jeremy Cline |
099538 |
data['error_code'])
|
|
Jeremy Cline |
099538 |
self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.value, data['error'])
|
|
Pierre-Yves Chibon |
4a1511 |
|
|
Pierre-Yves Chibon |
4a1511 |
headers = {'Authorization': 'token aaabbbcccddd'}
|
|
Pierre-Yves Chibon |
4a1511 |
|
|
Pierre-Yves Chibon |
4a1511 |
output = self.app.post('/api/0/test/new_issue', headers=headers)
|
|
Pierre-Yves Chibon |
4a1511 |
self.assertEqual(output.status_code, 401)
|
|
Aurélien Bompard |
626417 |
data = json.loads(output.get_data(as_text=True))
|
|
Jeremy Cline |
099538 |
self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.name,
|
|
Jeremy Cline |
099538 |
data['error_code'])
|
|
Jeremy Cline |
099538 |
self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.value, data['error'])
|
|
Pierre-Yves Chibon |
4a1511 |
|
|
Pierre-Yves Chibon |
dccbc8 |
def test_auth_expired(self):
|
|
Pierre-Yves Chibon |
dccbc8 |
""" Test the authentication when the token has expired.
|
|
Pierre-Yves Chibon |
dccbc8 |
"""
|
|
Pierre-Yves Chibon |
dccbc8 |
tests.create_projects(self.session)
|
|
Pierre-Yves Chibon |
dccbc8 |
tests.create_tokens(self.session)
|
|
Pierre-Yves Chibon |
dccbc8 |
|
|
Pierre-Yves Chibon |
dccbc8 |
output = self.app.post('/api/0/test/new_issue')
|
|
Pierre-Yves Chibon |
dccbc8 |
self.assertEqual(output.status_code, 401)
|
|
Aurélien Bompard |
626417 |
data = json.loads(output.get_data(as_text=True))
|
|
Jeremy Cline |
099538 |
self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.name,
|
|
Jeremy Cline |
099538 |
data['error_code'])
|
|
Jeremy Cline |
099538 |
self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.value, data['error'])
|
|
Pierre-Yves Chibon |
dccbc8 |
|
|
Pierre-Yves Chibon |
dccbc8 |
headers = {'Authorization': 'token expired_token'}
|
|
Pierre-Yves Chibon |
dccbc8 |
|
|
Pierre-Yves Chibon |
dccbc8 |
output = self.app.post('/api/0/test/new_issue', headers=headers)
|
|
Pierre-Yves Chibon |
dccbc8 |
self.assertEqual(output.status_code, 401)
|
|
Aurélien Bompard |
626417 |
data = json.loads(output.get_data(as_text=True))
|
|
Jeremy Cline |
099538 |
self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.name,
|
|
Jeremy Cline |
099538 |
data['error_code'])
|
|
Jeremy Cline |
099538 |
self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.value, data['error'])
|
|
Pierre-Yves Chibon |
dccbc8 |
|
|
Pierre-Yves Chibon |
37d1e9 |
def test_auth(self):
|
|
Pierre-Yves Chibon |
37d1e9 |
""" Test the token based authentication.
|
|
Pierre-Yves Chibon |
37d1e9 |
"""
|
|
Pierre-Yves Chibon |
37d1e9 |
tests.create_projects(self.session)
|
|
Pierre-Yves Chibon |
37d1e9 |
tests.create_tokens(self.session)
|
|
Pierre-Yves Chibon |
37d1e9 |
tests.create_tokens_acl(self.session)
|
|
Pierre-Yves Chibon |
37d1e9 |
|
|
Pierre-Yves Chibon |
37d1e9 |
output = self.app.post('/api/0/test/new_issue')
|
|
Pierre-Yves Chibon |
37d1e9 |
self.assertEqual(output.status_code, 401)
|
|
Aurélien Bompard |
626417 |
data = json.loads(output.get_data(as_text=True))
|
|
Jeremy Cline |
099538 |
self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.name,
|
|
Jeremy Cline |
099538 |
data['error_code'])
|
|
Jeremy Cline |
099538 |
self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.value, data['error'])
|
|
Pierre-Yves Chibon |
37d1e9 |
|
|
Pierre-Yves Chibon |
37d1e9 |
headers = {'Authorization': 'token aaabbbcccddd'}
|
|
Pierre-Yves Chibon |
37d1e9 |
|
|
Pierre-Yves Chibon |
37d1e9 |
output = self.app.post('/api/0/test/new_issue', headers=headers)
|
|
Pierre-Yves Chibon |
37d1e9 |
self.assertEqual(output.status_code, 400)
|
|
Aurélien Bompard |
626417 |
data = json.loads(output.get_data(as_text=True))
|
|
Pierre-Yves Chibon |
37d1e9 |
self.assertDictEqual(
|
|
Pierre-Yves Chibon |
37d1e9 |
data,
|
|
Pierre-Yves Chibon |
37d1e9 |
{
|
|
René Genz |
dadd94 |
"error": "Invalid or incomplete input submitted",
|
|
Pierre-Yves Chibon |
0af224 |
"error_code": "EINVALIDREQ",
|
|
Pierre-Yves Chibon |
fe29d7 |
"errors": {
|
|
Pierre-Yves Chibon |
fe29d7 |
"issue_content": ["This field is required."],
|
|
Pierre-Yves Chibon |
fe29d7 |
"title": ["This field is required."]
|
|
Pierre-Yves Chibon |
fe29d7 |
}
|
|
Pierre-Yves Chibon |
37d1e9 |
}
|
|
Pierre-Yves Chibon |
37d1e9 |
)
|
|
Pierre-Yves Chibon |
37d1e9 |
|
|
Pierre-Yves Chibon |
f329bb |
|
|
Pierre-Yves Chibon |
f329bb |
if __name__ == '__main__':
|
|
Pierre-Yves Chibon |
393f31 |
unittest.main(verbosity=2)
|