# -*- coding: utf-8 -*-
"""
(c) 2015 - Copyright Red Hat Inc
Authors:
Pierre-Yves Chibon <pingou@pingoured.fr>
"""
from __future__ import unicode_literals, absolute_import
import unittest
import shutil
import sys
import os
import json
from mock import patch
sys.path.insert(
0, os.path.join(os.path.dirname(os.path.abspath(__file__)), "..")
)
import pagure.api
import pagure.lib
import tests
class PagureFlaskApiAuthtests(tests.SimplePagureTest):
""" Tests for the authentication in the flask API of pagure """
def test_auth_no_data(self):
""" Test the authentication when there is nothing in the database.
"""
output = self.app.post("/api/0/foo/new_issue")
self.assertEqual(output.status_code, 401)
data = json.loads(output.get_data(as_text=True))
self.assertEqual(
pagure.api.APIERROR.EINVALIDTOK.name, data["error_code"]
)
self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.value, data["error"])
headers = {"Authorization": "token aabbbccc"}
output = self.app.post("/api/0/foo/new_issue", headers=headers)
self.assertEqual(output.status_code, 401)
data = json.loads(output.get_data(as_text=True))
self.assertEqual(
pagure.api.APIERROR.EINVALIDTOK.name, data["error_code"]
)
self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.value, data["error"])
def test_auth_noacl(self):
""" Test the authentication when the token does not have any ACL.
"""
tests.create_projects(self.session)
tests.create_tokens(self.session)
output = self.app.post("/api/0/test/new_issue")
self.assertEqual(output.status_code, 401)
data = json.loads(output.get_data(as_text=True))
self.assertEqual(
pagure.api.APIERROR.EINVALIDTOK.name, data["error_code"]
)
self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.value, data["error"])
headers = {"Authorization": "token aaabbbcccddd"}
output = self.app.post("/api/0/test/new_issue", headers=headers)
self.assertEqual(output.status_code, 401)
data = json.loads(output.get_data(as_text=True))
self.assertEqual(
pagure.api.APIERROR.EINVALIDTOK.name, data["error_code"]
)
self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.value, data["error"])
def test_auth_expired(self):
""" Test the authentication when the token has expired.
"""
tests.create_projects(self.session)
tests.create_tokens(self.session)
output = self.app.post("/api/0/test/new_issue")
self.assertEqual(output.status_code, 401)
data = json.loads(output.get_data(as_text=True))
self.assertEqual(
pagure.api.APIERROR.EINVALIDTOK.name, data["error_code"]
)
self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.value, data["error"])
headers = {"Authorization": "token expired_token"}
output = self.app.post("/api/0/test/new_issue", headers=headers)
self.assertEqual(output.status_code, 401)
data = json.loads(output.get_data(as_text=True))
self.assertEqual(
pagure.api.APIERROR.EINVALIDTOK.name, data["error_code"]
)
self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.value, data["error"])
def test_auth(self):
""" Test the token based authentication.
"""
tests.create_projects(self.session)
tests.create_tokens(self.session)
tests.create_tokens_acl(self.session)
output = self.app.post("/api/0/test/new_issue")
self.assertEqual(output.status_code, 401)
data = json.loads(output.get_data(as_text=True))
self.assertEqual(
pagure.api.APIERROR.EINVALIDTOK.name, data["error_code"]
)
self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.value, data["error"])
headers = {"Authorization": "token aaabbbcccddd"}
output = self.app.post("/api/0/test/new_issue", headers=headers)
self.assertEqual(output.status_code, 400)
data = json.loads(output.get_data(as_text=True))
self.assertDictEqual(
data,
{
"error": "Invalid or incomplete input submitted",
"error_code": "EINVALIDREQ",
"errors": {
"issue_content": ["This field is required."],
"title": ["This field is required."],
},
},
)
if __name__ == "__main__":
unittest.main(verbosity=2)