| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347 |
- # -*- coding: utf-8 -*-
- # Copyright 2014-2016 OpenMarket Ltd
- #
- # Licensed under the Apache License, Version 2.0 (the "License");
- # you may not use this file except in compliance with the License.
- # You may obtain a copy of the License at
- #
- # http://www.apache.org/licenses/LICENSE-2.0
- #
- # Unless required by applicable law or agreed to in writing, software
- # distributed under the License is distributed on an "AS IS" BASIS,
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- # See the License for the specific language governing permissions and
- # limitations under the License.
- """Tests REST events for /profile paths."""
- import json
- from mock import Mock
- from twisted.internet import defer
- import synapse.types
- from synapse.api.errors import AuthError, SynapseError
- from synapse.rest import admin
- from synapse.rest.client.v1 import login, profile, room
- from tests import unittest
- from ....utils import MockHttpResource, setup_test_homeserver
- myid = "@1234ABCD:test"
- PATH_PREFIX = "/_matrix/client/r0"
- class MockHandlerProfileTestCase(unittest.TestCase):
- """ Tests rest layer of profile management.
- Todo: move these into ProfileTestCase
- """
- @defer.inlineCallbacks
- def setUp(self):
- self.mock_resource = MockHttpResource(prefix=PATH_PREFIX)
- self.mock_handler = Mock(
- spec=[
- "get_displayname",
- "set_displayname",
- "get_avatar_url",
- "set_avatar_url",
- "check_profile_query_allowed",
- ]
- )
- self.mock_handler.get_displayname.return_value = defer.succeed(Mock())
- self.mock_handler.set_displayname.return_value = defer.succeed(Mock())
- self.mock_handler.get_avatar_url.return_value = defer.succeed(Mock())
- self.mock_handler.set_avatar_url.return_value = defer.succeed(Mock())
- self.mock_handler.check_profile_query_allowed.return_value = defer.succeed(
- Mock()
- )
- hs = yield setup_test_homeserver(
- self.addCleanup,
- "test",
- http_client=None,
- resource_for_client=self.mock_resource,
- federation=Mock(),
- federation_client=Mock(),
- profile_handler=self.mock_handler,
- )
- def _get_user_by_req(request=None, allow_guest=False):
- return defer.succeed(synapse.types.create_requester(myid))
- hs.get_auth().get_user_by_req = _get_user_by_req
- profile.register_servlets(hs, self.mock_resource)
- @defer.inlineCallbacks
- def test_get_my_name(self):
- mocked_get = self.mock_handler.get_displayname
- mocked_get.return_value = defer.succeed("Frank")
- (code, response) = yield self.mock_resource.trigger(
- "GET", "/profile/%s/displayname" % (myid), None
- )
- self.assertEquals(200, code)
- self.assertEquals({"displayname": "Frank"}, response)
- self.assertEquals(mocked_get.call_args[0][0].localpart, "1234ABCD")
- @defer.inlineCallbacks
- def test_set_my_name(self):
- mocked_set = self.mock_handler.set_displayname
- mocked_set.return_value = defer.succeed(())
- (code, response) = yield self.mock_resource.trigger(
- "PUT", "/profile/%s/displayname" % (myid), b'{"displayname": "Frank Jr."}'
- )
- self.assertEquals(200, code)
- self.assertEquals(mocked_set.call_args[0][0].localpart, "1234ABCD")
- self.assertEquals(mocked_set.call_args[0][1].user.localpart, "1234ABCD")
- self.assertEquals(mocked_set.call_args[0][2], "Frank Jr.")
- @defer.inlineCallbacks
- def test_set_my_name_noauth(self):
- mocked_set = self.mock_handler.set_displayname
- mocked_set.side_effect = AuthError(400, "message")
- (code, response) = yield self.mock_resource.trigger(
- "PUT",
- "/profile/%s/displayname" % ("@4567:test"),
- b'{"displayname": "Frank Jr."}',
- )
- self.assertTrue(400 <= code < 499, msg="code %d is in the 4xx range" % (code))
- @defer.inlineCallbacks
- def test_get_other_name(self):
- mocked_get = self.mock_handler.get_displayname
- mocked_get.return_value = defer.succeed("Bob")
- (code, response) = yield self.mock_resource.trigger(
- "GET", "/profile/%s/displayname" % ("@opaque:elsewhere"), None
- )
- self.assertEquals(200, code)
- self.assertEquals({"displayname": "Bob"}, response)
- @defer.inlineCallbacks
- def test_set_other_name(self):
- mocked_set = self.mock_handler.set_displayname
- mocked_set.side_effect = SynapseError(400, "message")
- (code, response) = yield self.mock_resource.trigger(
- "PUT",
- "/profile/%s/displayname" % ("@opaque:elsewhere"),
- b'{"displayname":"bob"}',
- )
- self.assertTrue(400 <= code <= 499, msg="code %d is in the 4xx range" % (code))
- @defer.inlineCallbacks
- def test_get_my_avatar(self):
- mocked_get = self.mock_handler.get_avatar_url
- mocked_get.return_value = defer.succeed("http://my.server/me.png")
- (code, response) = yield self.mock_resource.trigger(
- "GET", "/profile/%s/avatar_url" % (myid), None
- )
- self.assertEquals(200, code)
- self.assertEquals({"avatar_url": "http://my.server/me.png"}, response)
- self.assertEquals(mocked_get.call_args[0][0].localpart, "1234ABCD")
- @defer.inlineCallbacks
- def test_set_my_avatar(self):
- mocked_set = self.mock_handler.set_avatar_url
- mocked_set.return_value = defer.succeed(())
- (code, response) = yield self.mock_resource.trigger(
- "PUT",
- "/profile/%s/avatar_url" % (myid),
- b'{"avatar_url": "http://my.server/pic.gif"}',
- )
- self.assertEquals(200, code)
- self.assertEquals(mocked_set.call_args[0][0].localpart, "1234ABCD")
- self.assertEquals(mocked_set.call_args[0][1].user.localpart, "1234ABCD")
- self.assertEquals(mocked_set.call_args[0][2], "http://my.server/pic.gif")
- class ProfileTestCase(unittest.HomeserverTestCase):
- servlets = [
- admin.register_servlets_for_client_rest_resource,
- login.register_servlets,
- profile.register_servlets,
- ]
- def make_homeserver(self, reactor, clock):
- self.hs = self.setup_test_homeserver()
- return self.hs
- def prepare(self, reactor, clock, hs):
- self.owner = self.register_user("owner", "pass")
- self.owner_tok = self.login("owner", "pass")
- def test_set_displayname(self):
- request, channel = self.make_request(
- "PUT",
- "/profile/%s/displayname" % (self.owner,),
- content=json.dumps({"displayname": "test"}),
- access_token=self.owner_tok,
- )
- self.render(request)
- self.assertEqual(channel.code, 200, channel.result)
- res = self.get_displayname()
- self.assertEqual(res, "test")
- def test_set_displayname_too_long(self):
- """Attempts to set a stupid displayname should get a 400"""
- request, channel = self.make_request(
- "PUT",
- "/profile/%s/displayname" % (self.owner,),
- content=json.dumps({"displayname": "test" * 100}),
- access_token=self.owner_tok,
- )
- self.render(request)
- self.assertEqual(channel.code, 400, channel.result)
- res = self.get_displayname()
- self.assertEqual(res, "owner")
- def get_displayname(self):
- request, channel = self.make_request(
- "GET", "/profile/%s/displayname" % (self.owner,)
- )
- self.render(request)
- self.assertEqual(channel.code, 200, channel.result)
- return channel.json_body["displayname"]
- class ProfilesRestrictedTestCase(unittest.HomeserverTestCase):
- servlets = [
- admin.register_servlets_for_client_rest_resource,
- login.register_servlets,
- profile.register_servlets,
- room.register_servlets,
- ]
- def make_homeserver(self, reactor, clock):
- config = self.default_config()
- config["require_auth_for_profile_requests"] = True
- config["limit_profile_requests_to_users_who_share_rooms"] = True
- self.hs = self.setup_test_homeserver(config=config)
- return self.hs
- def prepare(self, reactor, clock, hs):
- # User owning the requested profile.
- self.owner = self.register_user("owner", "pass")
- self.owner_tok = self.login("owner", "pass")
- self.profile_url = "/profile/%s" % (self.owner)
- # User requesting the profile.
- self.requester = self.register_user("requester", "pass")
- self.requester_tok = self.login("requester", "pass")
- self.room_id = self.helper.create_room_as(self.owner, tok=self.owner_tok)
- def test_no_auth(self):
- self.try_fetch_profile(401)
- def test_not_in_shared_room(self):
- self.ensure_requester_left_room()
- self.try_fetch_profile(403, access_token=self.requester_tok)
- def test_in_shared_room(self):
- self.ensure_requester_left_room()
- self.helper.join(room=self.room_id, user=self.requester, tok=self.requester_tok)
- self.try_fetch_profile(200, self.requester_tok)
- def try_fetch_profile(self, expected_code, access_token=None):
- self.request_profile(expected_code, access_token=access_token)
- self.request_profile(
- expected_code, url_suffix="/displayname", access_token=access_token
- )
- self.request_profile(
- expected_code, url_suffix="/avatar_url", access_token=access_token
- )
- def request_profile(self, expected_code, url_suffix="", access_token=None):
- request, channel = self.make_request(
- "GET", self.profile_url + url_suffix, access_token=access_token
- )
- self.render(request)
- self.assertEqual(channel.code, expected_code, channel.result)
- def ensure_requester_left_room(self):
- try:
- self.helper.leave(
- room=self.room_id, user=self.requester, tok=self.requester_tok
- )
- except AssertionError:
- # We don't care whether the leave request didn't return a 200 (e.g.
- # if the user isn't already in the room), because we only want to
- # make sure the user isn't in the room.
- pass
- class OwnProfileUnrestrictedTestCase(unittest.HomeserverTestCase):
- servlets = [
- admin.register_servlets_for_client_rest_resource,
- login.register_servlets,
- profile.register_servlets,
- ]
- def make_homeserver(self, reactor, clock):
- config = self.default_config()
- config["require_auth_for_profile_requests"] = True
- config["limit_profile_requests_to_users_who_share_rooms"] = True
- self.hs = self.setup_test_homeserver(config=config)
- return self.hs
- def prepare(self, reactor, clock, hs):
- # User requesting the profile.
- self.requester = self.register_user("requester", "pass")
- self.requester_tok = self.login("requester", "pass")
- def test_can_lookup_own_profile(self):
- """Tests that a user can lookup their own profile without having to be in a room
- if 'require_auth_for_profile_requests' is set to true in the server's config.
- """
- request, channel = self.make_request(
- "GET", "/profile/" + self.requester, access_token=self.requester_tok
- )
- self.render(request)
- self.assertEqual(channel.code, 200, channel.result)
- request, channel = self.make_request(
- "GET",
- "/profile/" + self.requester + "/displayname",
- access_token=self.requester_tok,
- )
- self.render(request)
- self.assertEqual(channel.code, 200, channel.result)
- request, channel = self.make_request(
- "GET",
- "/profile/" + self.requester + "/avatar_url",
- access_token=self.requester_tok,
- )
- self.render(request)
- self.assertEqual(channel.code, 200, channel.result)
|
