quay/endpoints/api/test/test_security.py

import datetime

import pytest

from data import model
from endpoints.api import api
from endpoints.api.superuser import SuperUserRepositoryBuildLogs, SuperUserRepositoryBuildResource
from endpoints.api.superuser import SuperUserRepositoryBuildStatus
from endpoints.test.fixtures import app, appconfig, database_uri, init_db_path, sqlitedb_file


def client_with_identity(auth_username, client):
  with client.session_transaction() as sess:
    if auth_username:
      if auth_username is not None:
        loaded = model.user.get_user(auth_username)
        sess['user_id'] = loaded.uuid
        sess['login_time'] = datetime.datetime.now()
  return client


@pytest.mark.parametrize('resource,identity,expected', [
  (SuperUserRepositoryBuildLogs, None, 401),
  (SuperUserRepositoryBuildLogs, 'freshuser', 403),
  (SuperUserRepositoryBuildLogs, 'reader', 403),
  (SuperUserRepositoryBuildLogs, 'devtable', 400),

  (SuperUserRepositoryBuildStatus, None, 401),
  (SuperUserRepositoryBuildStatus, 'freshuser', 403),
  (SuperUserRepositoryBuildStatus, 'reader', 403),
  (SuperUserRepositoryBuildStatus, 'devtable', 400),

  (SuperUserRepositoryBuildResource, None, 401),
  (SuperUserRepositoryBuildResource, 'freshuser', 403),
  (SuperUserRepositoryBuildResource, 'reader', 403),
  (SuperUserRepositoryBuildResource, 'devtable', 404),
])
def test_super_user_build_endpoints(resource, identity, expected, client):
  cl = client_with_identity(identity, client)
  final_url = api.url_for(resource, build_uuid='1234')
  rv = cl.open(final_url)
  msg = '%s %s: %s expected: %s' % ('GET', final_url, rv.status_code, expected)
  assert rv.status_code == expected, msg
update(security_test.py): moving tests to new framework We should be moving tests over to pytest [none] 2017-01-27 16:22:40 +00:00			`import datetime`
Style fixes 2017-02-16 19:50:44 +00:00
update(security_test.py): moving tests to new framework We should be moving tests over to pytest [none] 2017-01-27 16:22:40 +00:00			`import pytest`

			`from data import model`
			`from endpoints.api import api`
			`from endpoints.api.superuser import SuperUserRepositoryBuildLogs, SuperUserRepositoryBuildResource`
			`from endpoints.api.superuser import SuperUserRepositoryBuildStatus`
Move endpoint test fixtures to a non-conftest file 2017-02-09 19:33:38 +00:00			`from endpoints.test.fixtures import app, appconfig, database_uri, init_db_path, sqlitedb_file`
update(security_test.py): moving tests to new framework We should be moving tests over to pytest [none] 2017-01-27 16:22:40 +00:00

			`def client_with_identity(auth_username, client):`
			`with client.session_transaction() as sess:`
			`if auth_username:`
			`if auth_username is not None:`
			`loaded = model.user.get_user(auth_username)`
			`sess['user_id'] = loaded.uuid`
			`sess['login_time'] = datetime.datetime.now()`
			`return client`


			`@pytest.mark.parametrize('resource,identity,expected', [`
			`(SuperUserRepositoryBuildLogs, None, 401),`
			`(SuperUserRepositoryBuildLogs, 'freshuser', 403),`
			`(SuperUserRepositoryBuildLogs, 'reader', 403),`
			`(SuperUserRepositoryBuildLogs, 'devtable', 400),`

			`(SuperUserRepositoryBuildStatus, None, 401),`
			`(SuperUserRepositoryBuildStatus, 'freshuser', 403),`
			`(SuperUserRepositoryBuildStatus, 'reader', 403),`
			`(SuperUserRepositoryBuildStatus, 'devtable', 400),`

			`(SuperUserRepositoryBuildResource, None, 401),`
			`(SuperUserRepositoryBuildResource, 'freshuser', 403),`
			`(SuperUserRepositoryBuildResource, 'reader', 403),`
			`(SuperUserRepositoryBuildResource, 'devtable', 404),`
			`])`
			`def test_super_user_build_endpoints(resource, identity, expected, client):`
			`cl = client_with_identity(identity, client)`
			`final_url = api.url_for(resource, build_uuid='1234')`
			`rv = cl.open(final_url)`
			`msg = '%s %s: %s expected: %s' % ('GET', final_url, rv.status_code, expected)`
			`assert rv.status_code == expected, msg`