2017-06-28 08:38:36 +00:00
|
|
|
import datetime
|
|
|
|
import json
|
2017-06-28 09:48:02 +00:00
|
|
|
import base64
|
2017-06-28 08:38:36 +00:00
|
|
|
|
|
|
|
from contextlib import contextmanager
|
|
|
|
from data import model
|
|
|
|
|
2017-06-28 09:48:02 +00:00
|
|
|
from flask import g
|
|
|
|
from flask_principal import Identity
|
|
|
|
|
2017-06-28 08:38:36 +00:00
|
|
|
CSRF_TOKEN_KEY = '_csrf_token'
|
|
|
|
CSRF_TOKEN = '123csrfforme'
|
|
|
|
|
|
|
|
@contextmanager
|
|
|
|
def client_with_identity(auth_username, client):
|
|
|
|
with client.session_transaction() as sess:
|
|
|
|
if auth_username and auth_username is not None:
|
|
|
|
loaded = model.user.get_user(auth_username)
|
|
|
|
sess['user_id'] = loaded.uuid
|
|
|
|
sess['login_time'] = datetime.datetime.now()
|
|
|
|
sess[CSRF_TOKEN_KEY] = CSRF_TOKEN
|
|
|
|
else:
|
|
|
|
sess['user_id'] = 'anonymous'
|
|
|
|
|
|
|
|
yield client
|
|
|
|
|
|
|
|
with client.session_transaction() as sess:
|
|
|
|
sess['user_id'] = None
|
|
|
|
sess['login_time'] = None
|
|
|
|
sess[CSRF_TOKEN_KEY] = None
|
|
|
|
|
|
|
|
|
|
|
|
def add_csrf_param(params):
|
|
|
|
""" Returns a params dict with the CSRF parameter added. """
|
|
|
|
params = params or {}
|
|
|
|
|
|
|
|
if not CSRF_TOKEN_KEY in params:
|
|
|
|
params[CSRF_TOKEN_KEY] = CSRF_TOKEN
|
|
|
|
|
|
|
|
return params
|
|
|
|
|
|
|
|
|
2017-06-28 09:48:02 +00:00
|
|
|
def gen_basic_auth(username, password):
|
|
|
|
""" Generates a basic auth header. """
|
|
|
|
return 'Basic ' + base64.b64encode("%s:%s" % (username, password))
|
|
|
|
|
|
|
|
|
|
|
|
def conduct_call(client, resource, url_for, method, params, body=None, expected_code=200,
|
|
|
|
headers=None):
|
2017-06-28 08:38:36 +00:00
|
|
|
""" Conducts a call to a Flask endpoint. """
|
|
|
|
params = add_csrf_param(params)
|
|
|
|
|
|
|
|
final_url = url_for(resource, **params)
|
|
|
|
|
|
|
|
headers = headers or {}
|
|
|
|
headers.update({"Content-Type": "application/json"})
|
|
|
|
|
|
|
|
if body is not None:
|
|
|
|
body = json.dumps(body)
|
|
|
|
|
2017-06-28 09:48:02 +00:00
|
|
|
# Required for anonymous calls to not exception.
|
|
|
|
g.identity = Identity(None, 'none')
|
|
|
|
|
2017-06-28 08:38:36 +00:00
|
|
|
rv = client.open(final_url, method=method, data=body, headers=headers)
|
|
|
|
msg = '%s %s: got %s expected: %s | %s' % (method, final_url, rv.status_code, expected_code,
|
|
|
|
rv.data)
|
|
|
|
assert rv.status_code == expected_code, msg
|
|
|
|
return rv
|