Blame tests/test_pagure_flask_api_auth.py

Pierre-Yves Chibon f329bb
# -*- coding: utf-8 -*-
Pierre-Yves Chibon f329bb
Pierre-Yves Chibon f329bb
"""
Pierre-Yves Chibon f329bb
 (c) 2015 - Copyright Red Hat Inc
Pierre-Yves Chibon f329bb
Pierre-Yves Chibon f329bb
 Authors:
Pierre-Yves Chibon f329bb
   Pierre-Yves Chibon <pingou@pingoured.fr></pingou@pingoured.fr>
Pierre-Yves Chibon f329bb
Pierre-Yves Chibon f329bb
"""
Pierre-Yves Chibon f329bb
Pierre-Yves Chibon f329bb
__requires__ = ['SQLAlchemy >= 0.8']
Pierre-Yves Chibon f329bb
import pkg_resources
Pierre-Yves Chibon f329bb
Pierre-Yves Chibon f329bb
import unittest
Pierre-Yves Chibon f329bb
import shutil
Pierre-Yves Chibon f329bb
import sys
Pierre-Yves Chibon f329bb
import os
Pierre-Yves Chibon f329bb
Pierre-Yves Chibon f329bb
import json
Pierre-Yves Chibon f329bb
from mock import patch
Pierre-Yves Chibon f329bb
Pierre-Yves Chibon f329bb
sys.path.insert(0, os.path.join(os.path.dirname(
Pierre-Yves Chibon f329bb
    os.path.abspath(__file__)), '..'))
Pierre-Yves Chibon f329bb
Jeremy Cline 099538
import pagure.api
Pierre-Yves Chibon f329bb
import pagure.lib
Pierre-Yves Chibon f329bb
import tests
Pierre-Yves Chibon f329bb
Pierre-Yves Chibon f329bb
Pierre-Yves Chibon f329bb
class PagureFlaskApiAuthtests(tests.Modeltests):
Pierre-Yves Chibon f329bb
    """ Tests for the authentication in the flask API of pagure """
Pierre-Yves Chibon f329bb
Pierre-Yves Chibon f329bb
    def setUp(self):
Pierre-Yves Chibon f329bb
        """ Set up the environnment, ran before every tests. """
Pierre-Yves Chibon f329bb
        super(PagureFlaskApiAuthtests, self).setUp()
Pierre-Yves Chibon f329bb
Pierre-Yves Chibon f329bb
        pagure.APP.config['TESTING'] = True
Pierre-Yves Chibon f329bb
        pagure.SESSION = self.session
Pierre-Yves Chibon f329bb
        pagure.api.SESSION = self.session
Pierre-Yves Chibon 190621
        pagure.api.issue.SESSION = self.session
Pierre-Yves Chibon 190621
        pagure.lib.SESSION = self.session
Pierre-Yves Chibon f329bb
        self.app = pagure.APP.test_client()
Pierre-Yves Chibon f329bb
Pierre-Yves Chibon f329bb
    def test_auth_no_data(self):
Pierre-Yves Chibon f329bb
        """ Test the authentication when there is nothing in the database.
Pierre-Yves Chibon f329bb
        """
Pierre-Yves Chibon f329bb
Pierre-Yves Chibon f329bb
        output = self.app.post('/api/0/foo/new_issue')
Pierre-Yves Chibon f329bb
        self.assertEqual(output.status_code, 401)
Pierre-Yves Chibon f329bb
        data = json.loads(output.data)
Jeremy Cline 099538
        self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.name,
Jeremy Cline 099538
                         data['error_code'])
Jeremy Cline 099538
        self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.value, data['error'])
Pierre-Yves Chibon f329bb
Pierre-Yves Chibon f329bb
        headers = {'Authorization': 'token aabbbccc'}
Pierre-Yves Chibon f329bb
Pierre-Yves Chibon f329bb
        output = self.app.post('/api/0/foo/new_issue', headers=headers)
Pierre-Yves Chibon f329bb
        self.assertEqual(output.status_code, 401)
Pierre-Yves Chibon f329bb
        data = json.loads(output.data)
Jeremy Cline 099538
        self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.name,
Jeremy Cline 099538
                         data['error_code'])
Jeremy Cline 099538
        self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.value, data['error'])
Pierre-Yves Chibon f329bb
Pierre-Yves Chibon 4a1511
    def test_auth_noacl(self):
Pierre-Yves Chibon 4a1511
        """ Test the authentication when the token does not have any ACL.
Pierre-Yves Chibon 4a1511
        """
Pierre-Yves Chibon 4a1511
        tests.create_projects(self.session)
Pierre-Yves Chibon 4a1511
        tests.create_tokens(self.session)
Pierre-Yves Chibon 4a1511
Pierre-Yves Chibon 4a1511
        output = self.app.post('/api/0/test/new_issue')
Pierre-Yves Chibon 4a1511
        self.assertEqual(output.status_code, 401)
Pierre-Yves Chibon 4a1511
        data = json.loads(output.data)
Jeremy Cline 099538
        self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.name,
Jeremy Cline 099538
                         data['error_code'])
Jeremy Cline 099538
        self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.value, data['error'])
Pierre-Yves Chibon 4a1511
Pierre-Yves Chibon 4a1511
        headers = {'Authorization': 'token aaabbbcccddd'}
Pierre-Yves Chibon 4a1511
Pierre-Yves Chibon 4a1511
        output = self.app.post('/api/0/test/new_issue', headers=headers)
Pierre-Yves Chibon 4a1511
        self.assertEqual(output.status_code, 401)
Pierre-Yves Chibon 4a1511
        data = json.loads(output.data)
Jeremy Cline 099538
        self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.name,
Jeremy Cline 099538
                         data['error_code'])
Jeremy Cline 099538
        self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.value, data['error'])
Pierre-Yves Chibon 4a1511
Pierre-Yves Chibon dccbc8
    def test_auth_expired(self):
Pierre-Yves Chibon dccbc8
        """ Test the authentication when the token has expired.
Pierre-Yves Chibon dccbc8
        """
Pierre-Yves Chibon dccbc8
        tests.create_projects(self.session)
Pierre-Yves Chibon dccbc8
        tests.create_tokens(self.session)
Pierre-Yves Chibon dccbc8
Pierre-Yves Chibon dccbc8
        output = self.app.post('/api/0/test/new_issue')
Pierre-Yves Chibon dccbc8
        self.assertEqual(output.status_code, 401)
Pierre-Yves Chibon dccbc8
        data = json.loads(output.data)
Jeremy Cline 099538
        self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.name,
Jeremy Cline 099538
                         data['error_code'])
Jeremy Cline 099538
        self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.value, data['error'])
Pierre-Yves Chibon dccbc8
Pierre-Yves Chibon dccbc8
        headers = {'Authorization': 'token expired_token'}
Pierre-Yves Chibon dccbc8
Pierre-Yves Chibon dccbc8
        output = self.app.post('/api/0/test/new_issue', headers=headers)
Pierre-Yves Chibon dccbc8
        self.assertEqual(output.status_code, 401)
Pierre-Yves Chibon dccbc8
        data = json.loads(output.data)
Jeremy Cline 099538
        self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.name,
Jeremy Cline 099538
                         data['error_code'])
Jeremy Cline 099538
        self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.value, data['error'])
Pierre-Yves Chibon dccbc8
Pierre-Yves Chibon 37d1e9
    def test_auth(self):
Pierre-Yves Chibon 37d1e9
        """ Test the token based authentication.
Pierre-Yves Chibon 37d1e9
        """
Pierre-Yves Chibon 37d1e9
        tests.create_projects(self.session)
Pierre-Yves Chibon 37d1e9
        tests.create_tokens(self.session)
Pierre-Yves Chibon 37d1e9
        tests.create_tokens_acl(self.session)
Pierre-Yves Chibon 37d1e9
Pierre-Yves Chibon 37d1e9
        output = self.app.post('/api/0/test/new_issue')
Pierre-Yves Chibon 37d1e9
        self.assertEqual(output.status_code, 401)
Pierre-Yves Chibon 37d1e9
        data = json.loads(output.data)
Jeremy Cline 099538
        self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.name,
Jeremy Cline 099538
                         data['error_code'])
Jeremy Cline 099538
        self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.value, data['error'])
Pierre-Yves Chibon 37d1e9
Pierre-Yves Chibon 37d1e9
        headers = {'Authorization': 'token aaabbbcccddd'}
Pierre-Yves Chibon 37d1e9
Pierre-Yves Chibon 37d1e9
        output = self.app.post('/api/0/test/new_issue', headers=headers)
Pierre-Yves Chibon 37d1e9
        self.assertEqual(output.status_code, 400)
Pierre-Yves Chibon 37d1e9
        data = json.loads(output.data)
Pierre-Yves Chibon 37d1e9
        self.assertDictEqual(
Pierre-Yves Chibon 37d1e9
            data,
Pierre-Yves Chibon 37d1e9
            {
Pierre-Yves Chibon 37d1e9
              "error": "Invalid or incomplete input submited",
Pierre-Yves Chibon 0af224
              "error_code": "EINVALIDREQ",
Pierre-Yves Chibon 37d1e9
            }
Pierre-Yves Chibon 37d1e9
        )
Pierre-Yves Chibon 37d1e9
Pierre-Yves Chibon f329bb
Pierre-Yves Chibon f329bb
if __name__ == '__main__':
Pierre-Yves Chibon f329bb
    SUITE = unittest.TestLoader().loadTestsFromTestCase(
Pierre-Yves Chibon f329bb
        PagureFlaskApiAuthtests)
Pierre-Yves Chibon f329bb
    unittest.TextTestRunner(verbosity=2).run(SUITE)