Home Explore Help
Sign In
RISCI_ATOM
/
pagure
mirror of https://pagure.io/pagure.git
1
0
Fork 0
Files Issues 3 Wiki
Branch: fix_diff_closed_pr
Branches Tags
pagure
/
tests
/
test_pagure_flask_api_auth.py

test_pagure_flask_api_auth.py 4.5 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132 
  1. # -*- coding: utf-8 -*-
    2. 

  2. 

  3. """
    4. 

  4.  (c) 2015 - Copyright Red Hat Inc
    5. 

  5. 

  6.  Authors:
    7. 

  7.    Pierre-Yves Chibon <pingou@pingoured.fr>
    8. 

  8. 

  9. """
    10. 

  10. 

  11. from __future__ import unicode_literals
    12. 

  12. 

  13. __requires__ = ['SQLAlchemy >= 0.8']
    14. 

  14. import pkg_resources
    15. 

  15. 

  16. import unittest
    17. 

  17. import shutil
    18. 

  18. import sys
    19. 

  19. import os
    20. 

  20. 

  21. import json
    22. 

  22. from mock import patch
    23. 

  23. 

  24. sys.path.insert(0, os.path.join(os.path.dirname(
    25. 

  25.     os.path.abspath(__file__)), '..'))
    26. 

  26. 

  27. import pagure.api
    28. 

  28. import pagure.lib
    29. 

  29. import tests
    30. 

  30. 

  31. 

  32. class PagureFlaskApiAuthtests(tests.SimplePagureTest):
    33. 

  33.     """ Tests for the authentication in the flask API of pagure """
    34. 

  34. 

  35.     def test_auth_no_data(self):
    36. 

  36.         """ Test the authentication when there is nothing in the database.
    37. 

  37.         """
    38. 

  38. 

  39.         output = self.app.post('/api/0/foo/new_issue')
    40. 

  40.         self.assertEqual(output.status_code, 401)
    41. 

  41.         data = json.loads(output.get_data(as_text=True))
    42. 

  42.         self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.name,
    43. 

  43.                          data['error_code'])
    44. 

  44.         self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.value, data['error'])
    45. 

  45. 

  46.         headers = {'Authorization': 'token aabbbccc'}
    47. 

  47. 

  48.         output = self.app.post('/api/0/foo/new_issue', headers=headers)
    49. 

  49.         self.assertEqual(output.status_code, 401)
    50. 

  50.         data = json.loads(output.get_data(as_text=True))
    51. 

  51.         self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.name,
    52. 

  52.                          data['error_code'])
    53. 

  53.         self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.value, data['error'])
    54. 

  54. 

  55.     def test_auth_noacl(self):
    56. 

  56.         """ Test the authentication when the token does not have any ACL.
    57. 

  57.         """
    58. 

  58.         tests.create_projects(self.session)
    59. 

  59.         tests.create_tokens(self.session)
    60. 

  60. 

  61.         output = self.app.post('/api/0/test/new_issue')
    62. 

  62.         self.assertEqual(output.status_code, 401)
    63. 

  63.         data = json.loads(output.get_data(as_text=True))
    64. 

  64.         self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.name,
    65. 

  65.                          data['error_code'])
    66. 

  66.         self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.value, data['error'])
    67. 

  67. 

  68.         headers = {'Authorization': 'token aaabbbcccddd'}
    69. 

  69. 

  70.         output = self.app.post('/api/0/test/new_issue', headers=headers)
    71. 

  71.         self.assertEqual(output.status_code, 401)
    72. 

  72.         data = json.loads(output.get_data(as_text=True))
    73. 

  73.         self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.name,
    74. 

  74.                          data['error_code'])
    75. 

  75.         self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.value, data['error'])
    76. 

  76. 

  77.     def test_auth_expired(self):
    78. 

  78.         """ Test the authentication when the token has expired.
    79. 

  79.         """
    80. 

  80.         tests.create_projects(self.session)
    81. 

  81.         tests.create_tokens(self.session)
    82. 

  82. 

  83.         output = self.app.post('/api/0/test/new_issue')
    84. 

  84.         self.assertEqual(output.status_code, 401)
    85. 

  85.         data = json.loads(output.get_data(as_text=True))
    86. 

  86.         self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.name,
    87. 

  87.                          data['error_code'])
    88. 

  88.         self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.value, data['error'])
    89. 

  89. 

  90.         headers = {'Authorization': 'token expired_token'}
    91. 

  91. 

  92.         output = self.app.post('/api/0/test/new_issue', headers=headers)
    93. 

  93.         self.assertEqual(output.status_code, 401)
    94. 

  94.         data = json.loads(output.get_data(as_text=True))
    95. 

  95.         self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.name,
    96. 

  96.                          data['error_code'])
    97. 

  97.         self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.value, data['error'])
    98. 

  98. 

  99.     def test_auth(self):
    100. 

  100.         """ Test the token based authentication.
    101. 

  101.         """
    102. 

  102.         tests.create_projects(self.session)
    103. 

  103.         tests.create_tokens(self.session)
    104. 

  104.         tests.create_tokens_acl(self.session)
    105. 

  105. 

  106.         output = self.app.post('/api/0/test/new_issue')
    107. 

  107.         self.assertEqual(output.status_code, 401)
    108. 

  108.         data = json.loads(output.get_data(as_text=True))
    109. 

  109.         self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.name,
    110. 

  110.                          data['error_code'])
    111. 

  111.         self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.value, data['error'])
    112. 

  112. 

  113.         headers = {'Authorization': 'token aaabbbcccddd'}
    114. 

  114. 

  115.         output = self.app.post('/api/0/test/new_issue', headers=headers)
    116. 

  116.         self.assertEqual(output.status_code, 400)
    117. 

  117.         data = json.loads(output.get_data(as_text=True))
    118. 

  118.         self.assertDictEqual(
    119. 

  119.             data,
    120. 

  120.             {
    121. 

  121.               "error": "Invalid or incomplete input submitted",
    122. 

  122.               "error_code": "EINVALIDREQ",
    123. 

  123.               "errors": {
    124. 

  124.                 "issue_content": ["This field is required."],
    125. 

  125.                 "title": ["This field is required."]
    126. 

  126.               }
    127. 

  127.             }
    128. 

  128.         )
    129. 

  129. 

  130. 

  131. if __name__ == '__main__':
    132. 

  132.     unittest.main(verbosity=2)
    133.