123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141 |
- # -*- coding: utf-8 -*-
- """
- (c) 2015 - Copyright Red Hat Inc
- Authors:
- Pierre-Yves Chibon <pingou@pingoured.fr>
- """
- __requires__ = ['SQLAlchemy >= 0.8']
- import pkg_resources
- import unittest
- import shutil
- import sys
- import os
- import json
- from mock import patch
- sys.path.insert(0, os.path.join(os.path.dirname(
- os.path.abspath(__file__)), '..'))
- import pagure.api
- import pagure.lib
- import tests
- class PagureFlaskApiAuthtests(tests.Modeltests):
- """ Tests for the authentication in the flask API of pagure """
- def setUp(self):
- """ Set up the environnment, ran before every tests. """
- super(PagureFlaskApiAuthtests, self).setUp()
- pagure.APP.config['TESTING'] = True
- pagure.SESSION = self.session
- pagure.api.SESSION = self.session
- pagure.api.issue.SESSION = self.session
- pagure.lib.SESSION = self.session
- self.app = pagure.APP.test_client()
- def test_auth_no_data(self):
- """ Test the authentication when there is nothing in the database.
- """
- output = self.app.post('/api/0/foo/new_issue')
- self.assertEqual(output.status_code, 401)
- data = json.loads(output.data)
- self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.name,
- data['error_code'])
- self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.value, data['error'])
- headers = {'Authorization': 'token aabbbccc'}
- output = self.app.post('/api/0/foo/new_issue', headers=headers)
- self.assertEqual(output.status_code, 401)
- data = json.loads(output.data)
- self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.name,
- data['error_code'])
- self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.value, data['error'])
- def test_auth_noacl(self):
- """ Test the authentication when the token does not have any ACL.
- """
- tests.create_projects(self.session)
- tests.create_tokens(self.session)
- output = self.app.post('/api/0/test/new_issue')
- self.assertEqual(output.status_code, 401)
- data = json.loads(output.data)
- self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.name,
- data['error_code'])
- self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.value, data['error'])
- headers = {'Authorization': 'token aaabbbcccddd'}
- output = self.app.post('/api/0/test/new_issue', headers=headers)
- self.assertEqual(output.status_code, 401)
- data = json.loads(output.data)
- self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.name,
- data['error_code'])
- self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.value, data['error'])
- def test_auth_expired(self):
- """ Test the authentication when the token has expired.
- """
- tests.create_projects(self.session)
- tests.create_tokens(self.session)
- output = self.app.post('/api/0/test/new_issue')
- self.assertEqual(output.status_code, 401)
- data = json.loads(output.data)
- self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.name,
- data['error_code'])
- self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.value, data['error'])
- headers = {'Authorization': 'token expired_token'}
- output = self.app.post('/api/0/test/new_issue', headers=headers)
- self.assertEqual(output.status_code, 401)
- data = json.loads(output.data)
- self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.name,
- data['error_code'])
- self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.value, data['error'])
- def test_auth(self):
- """ Test the token based authentication.
- """
- tests.create_projects(self.session)
- tests.create_tokens(self.session)
- tests.create_tokens_acl(self.session)
- output = self.app.post('/api/0/test/new_issue')
- self.assertEqual(output.status_code, 401)
- data = json.loads(output.data)
- self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.name,
- data['error_code'])
- self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.value, data['error'])
- headers = {'Authorization': 'token aaabbbcccddd'}
- output = self.app.post('/api/0/test/new_issue', headers=headers)
- self.assertEqual(output.status_code, 400)
- data = json.loads(output.data)
- self.assertDictEqual(
- data,
- {
- "error": "Invalid or incomplete input submited",
- "error_code": "EINVALIDREQ",
- "errors": {
- "issue_content": ["This field is required."],
- "title": ["This field is required."]
- }
- }
- )
- if __name__ == '__main__':
- unittest.main(verbosity=2)
|