Add the next batch of tests and fixes.
parent
db59b5bf9c
commit
2a849f631b
3 changed files with 477 additions and 289 deletions
|
@ -112,7 +112,7 @@ def change_user_details():
|
||||||
user_data = request.get_json();
|
user_data = request.get_json();
|
||||||
|
|
||||||
try:
|
try:
|
||||||
if user_data['password']:
|
if 'password' in user_data:
|
||||||
logger.debug('Changing password for user: %s', user.username)
|
logger.debug('Changing password for user: %s', user.username)
|
||||||
model.change_password(user, user_data['password'])
|
model.change_password(user, user_data['password'])
|
||||||
except model.InvalidPasswordException, ex:
|
except model.InvalidPasswordException, ex:
|
||||||
|
@ -283,26 +283,29 @@ def team_view(orgname, t):
|
||||||
@app.route('/api/organization/<orgname>', methods=['GET'])
|
@app.route('/api/organization/<orgname>', methods=['GET'])
|
||||||
@api_login_required
|
@api_login_required
|
||||||
def get_organization(orgname):
|
def get_organization(orgname):
|
||||||
user = current_user.db_user()
|
permission = OrganizationMemberPermission(orgname)
|
||||||
|
if permission.can():
|
||||||
|
user = current_user.db_user()
|
||||||
|
|
||||||
def org_view(o, teams):
|
def org_view(o, teams):
|
||||||
admin_org = AdministerOrganizationPermission(orgname)
|
admin_org = AdministerOrganizationPermission(orgname)
|
||||||
is_admin = admin_org.can()
|
is_admin = admin_org.can()
|
||||||
return {
|
return {
|
||||||
'name': o.username,
|
'name': o.username,
|
||||||
'gravatar': compute_hash(o.email),
|
'gravatar': compute_hash(o.email),
|
||||||
'teams': {t.name : team_view(orgname, t) for t in teams},
|
'teams': {t.name : team_view(orgname, t) for t in teams},
|
||||||
'is_admin': is_admin
|
'is_admin': is_admin
|
||||||
}
|
}
|
||||||
|
|
||||||
try:
|
try:
|
||||||
org = model.get_organization(orgname)
|
org = model.get_organization(orgname)
|
||||||
except model.InvalidOrganizationException:
|
except model.InvalidOrganizationException:
|
||||||
abort(404)
|
abort(404)
|
||||||
|
|
||||||
teams = model.get_teams_within_org(org)
|
teams = model.get_teams_within_org(org)
|
||||||
return jsonify(org_view(org, teams))
|
return jsonify(org_view(org, teams))
|
||||||
|
|
||||||
|
abort(403)
|
||||||
|
|
||||||
@app.route('/api/organization/<orgname>/private', methods=['GET'])
|
@app.route('/api/organization/<orgname>/private', methods=['GET'])
|
||||||
@api_login_required
|
@api_login_required
|
||||||
|
@ -578,7 +581,7 @@ def change_repo_visibility_api(namespace, repository):
|
||||||
'success': True
|
'success': True
|
||||||
})
|
})
|
||||||
|
|
||||||
abort(404)
|
abort(403)
|
||||||
|
|
||||||
|
|
||||||
@app.route('/api/repository/<path:repository>', methods=['DELETE'])
|
@app.route('/api/repository/<path:repository>', methods=['DELETE'])
|
||||||
|
@ -591,7 +594,7 @@ def delete_repository(namespace, repository):
|
||||||
registry.delete_repository_storage(namespace, repository)
|
registry.delete_repository_storage(namespace, repository)
|
||||||
return make_response('Deleted', 204)
|
return make_response('Deleted', 204)
|
||||||
|
|
||||||
abort(404)
|
abort(403)
|
||||||
|
|
||||||
|
|
||||||
def image_view(image):
|
def image_view(image):
|
||||||
|
@ -649,7 +652,7 @@ def get_repo_api(namespace, repository):
|
||||||
'is_organization': bool(organization)
|
'is_organization': bool(organization)
|
||||||
})
|
})
|
||||||
|
|
||||||
abort(404) # Not fount
|
abort(404) # Not found
|
||||||
abort(403) # Permission denied
|
abort(403) # Permission denied
|
||||||
|
|
||||||
|
|
||||||
|
@ -689,6 +692,7 @@ def get_repo_builds(namespace, repository):
|
||||||
|
|
||||||
@app.route('/api/filedrop/', methods=['POST'])
|
@app.route('/api/filedrop/', methods=['POST'])
|
||||||
@api_login_required
|
@api_login_required
|
||||||
|
@required_json_args('mimeType')
|
||||||
def get_filedrop_url():
|
def get_filedrop_url():
|
||||||
mime_type = request.get_json()['mimeType']
|
mime_type = request.get_json()['mimeType']
|
||||||
(url, file_id) = user_files.prepare_for_drop(mime_type)
|
(url, file_id) = user_files.prepare_for_drop(mime_type)
|
||||||
|
|
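Review bot: In change_user_details, `if 'password' in user_data:` now forwards an empty or null `password` value to `model.change_password`, where the old truthiness test skipped it; whether the model rejects such values is not visible here, and only `model.InvalidPasswordException` is caught. The membership test also raises a TypeError if `request.get_json()` returns None for a body that is not JSON. Consider `password = (user_data or {}).get('password')` followed by `if password:`, which keeps the missing-key fix without passing falsy values on. The handler starts and ends outside the hunk, so the rest of it is not covered by this note.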
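--- a/test/specs.py
+++ b/test/specs.py
@@ -0,0 +1,429 @@
+import json
+
+from flask import url_for
+from collections import OrderedDict
+from uuid import uuid4
+
+
+PUBLIC_REPO = 'public/publicrepo'
+
+PRIVATE_REPO = 'devtable/complex'
+
+ORG = 'devtableorg'
+ORG_REPO = ORG + '/orgrepo'
+ORG_OWNERS = 'owners'
+ORG_READERS = 'readers'
+ORG_OWNER = 'devtable'
+
+FAKE_IMAGE_ID = uuid4()
+FAKE_TAG_NAME = uuid4()
+FAKE_USERNAME = uuid4()
+FAKE_TEAMNAME = uuid4()
+FAKE_TOKEN = uuid4()
+
+
+def open_kwargs(method='GET', json_object=None):
+kwargs = {
+'method': method,
+}
+
+if json_object is not None:
+kwargs['data'] = json.dumps(json_object)
+kwargs['content_type'] = 'application/json'
+
+elif method == 'POST' or method == 'PUT':
+kwargs['data'] = json.dumps({
+'fake': 'json',
+'data': 'here',
+})
+kwargs['content_type'] = 'application/json'
+
+return kwargs
+
+
+def build_anon_spec():
+return OrderedDict([
+(url_for('welcome'), (200, open_kwargs())),
+
+(url_for('plans_list'), (200, open_kwargs())),
+
+(url_for('get_logged_in_user'), (200, open_kwargs())),
+
+(url_for('change_user_details'), (401, open_kwargs('PUT'))),
+
+(url_for('create_user_api'), (400, open_kwargs('POST'))),
+
+(url_for('signin_api'), (400, open_kwargs('POST'))),
+
+(url_for('send_recovery'), (400, open_kwargs('POST'))),
+
+(url_for('get_matching_users', prefix='dev'), (401, open_kwargs())),
+
+(url_for('get_matching_entities', prefix='dev'), (401, open_kwargs())),
+
+(url_for('get_organization', orgname=ORG), (401, open_kwargs())),
+
+(url_for('get_organization_private_allowed', orgname=ORG),
+(401, open_kwargs())),
+
+(url_for('update_organization_team', orgname=ORG, teamname=ORG_OWNERS),
+(401, open_kwargs('PUT'))),
+
+(url_for('delete_organization_team', orgname=ORG, teamname=ORG_OWNERS),
+(401, open_kwargs('DELETE'))),
+
+(url_for('get_organization_team_members', orgname=ORG,
+teamname=ORG_OWNERS), (401, open_kwargs())),
+
+(url_for('update_organization_team_member', orgname=ORG,
+teamname=ORG_OWNERS, membername=ORG_OWNER),
+(401, open_kwargs('PUT'))),
+
+(url_for('delete_organization_team_member', orgname=ORG,
+teamname=ORG_OWNERS, membername=ORG_OWNER),
+(401, open_kwargs('DELETE'))),
+
+(url_for('create_repo_api'), (401, open_kwargs('POST'))),
+
+(url_for('match_repos_api'), (200, open_kwargs())),
+
+(url_for('list_repos_api'), (200, open_kwargs())),
+
+(url_for('update_repo_api', repository=PUBLIC_REPO),
+(401, open_kwargs('PUT'))),
+(url_for('update_repo_api', repository=ORG_REPO),
+(401, open_kwargs('PUT'))),
+(url_for('update_repo_api', repository=PRIVATE_REPO),
+(401, open_kwargs('PUT'))),
+
+(url_for('change_repo_visibility_api', repository=PUBLIC_REPO),
+(401, open_kwargs('POST'))),
+(url_for('change_repo_visibility_api', repository=ORG_REPO),
+(401, open_kwargs('POST'))),
+(url_for('change_repo_visibility_api', repository=PRIVATE_REPO),
+(401, open_kwargs('POST'))),
+
+(url_for('delete_repository', repository=PUBLIC_REPO),
+(401, open_kwargs('DELETE'))),
+(url_for('delete_repository', repository=ORG_REPO),
+(401, open_kwargs('DELETE'))),
+(url_for('delete_repository', repository=PRIVATE_REPO),
+(401, open_kwargs('DELETE'))),
+
+(url_for('get_repo_api', repository=PUBLIC_REPO),(200, open_kwargs())),
+(url_for('get_repo_api', repository=ORG_REPO), (403, open_kwargs())),
+(url_for('get_repo_api', repository=PRIVATE_REPO), (403, open_kwargs())),
+
+(url_for('get_repo_builds', repository=PUBLIC_REPO),
+(401, open_kwargs())),
+(url_for('get_repo_builds', repository=ORG_REPO), (401, open_kwargs())),
+(url_for('get_repo_builds', repository=PRIVATE_REPO),
+(401, open_kwargs())),
+
+(url_for('get_filedrop_url'), (401, open_kwargs('POST'))),
+
+(url_for('request_repo_build', repository=PUBLIC_REPO),
+(401, open_kwargs('POST'))),
+(url_for('request_repo_build', repository=ORG_REPO),
+(401, open_kwargs('POST'))),
+(url_for('request_repo_build', repository=PRIVATE_REPO),
+(401, open_kwargs('POST'))),
+
+(url_for('list_repository_images', repository=PUBLIC_REPO),
+(200, open_kwargs())),
+(url_for('list_repository_images', repository=ORG_REPO),
+(403, open_kwargs())),
+(url_for('list_repository_images', repository=PRIVATE_REPO),
+(403, open_kwargs())),
+
+(url_for('get_image', repository=PUBLIC_REPO, image_id=FAKE_IMAGE_ID),
+(404, open_kwargs())),
+(url_for('get_image', repository=ORG_REPO, image_id=FAKE_IMAGE_ID),
+(403, open_kwargs())),
+(url_for('get_image', repository=PRIVATE_REPO, image_id=FAKE_IMAGE_ID),
+(403, open_kwargs())),
+
+(url_for('get_image_changes', repository=PUBLIC_REPO,
+image_id=FAKE_IMAGE_ID), (404, open_kwargs())),
+(url_for('get_image_changes', repository=ORG_REPO,
+image_id=FAKE_IMAGE_ID), (403, open_kwargs())),
+(url_for('get_image_changes', repository=PRIVATE_REPO,
+image_id=FAKE_IMAGE_ID), (403, open_kwargs())),
+
+(url_for('list_tag_images', repository=PUBLIC_REPO, tag=FAKE_TAG_NAME),
+(404, open_kwargs())),
+(url_for('list_tag_images', repository=ORG_REPO, tag=FAKE_TAG_NAME),
+(403, open_kwargs())),
+(url_for('list_tag_images', repository=PRIVATE_REPO, tag=FAKE_TAG_NAME),
+(403, open_kwargs())),
+
+(url_for('list_repo_team_permissions', repository=PUBLIC_REPO),
+(401, open_kwargs())),
+(url_for('list_repo_team_permissions', repository=ORG_REPO),
+(401, open_kwargs())),
+(url_for('list_repo_team_permissions', repository=PRIVATE_REPO),
+(401, open_kwargs())),
+
+(url_for('list_repo_user_permissions', repository=PUBLIC_REPO),
+(401, open_kwargs())),
+(url_for('list_repo_user_permissions', repository=ORG_REPO),
+(401, open_kwargs())),
+(url_for('list_repo_user_permissions', repository=PRIVATE_REPO),
+(401, open_kwargs())),
+
+(url_for('get_user_permissions', repository=PUBLIC_REPO,
+username=FAKE_USERNAME), (401, open_kwargs())),
+(url_for('get_user_permissions', repository=ORG_REPO,
+username=FAKE_USERNAME), (401, open_kwargs())),
+(url_for('get_user_permissions', repository=PRIVATE_REPO,
+username=FAKE_USERNAME), (401, open_kwargs())),
+
+(url_for('get_team_permissions', repository=PUBLIC_REPO,
+teamname=FAKE_TEAMNAME), (401, open_kwargs())),
+(url_for('get_team_permissions', repository=ORG_REPO,
+teamname=FAKE_TEAMNAME), (401, open_kwargs())),
+(url_for('get_team_permissions', repository=PRIVATE_REPO,
+teamname=FAKE_TEAMNAME), (401, open_kwargs())),
+
+(url_for('change_user_permissions', repository=PUBLIC_REPO,
+username=FAKE_USERNAME), (401, open_kwargs('PUT'))),
+(url_for('change_user_permissions', repository=ORG_REPO,
+username=FAKE_USERNAME), (401, open_kwargs('PUT'))),
+(url_for('change_user_permissions', repository=PRIVATE_REPO,
+username=FAKE_USERNAME), (401, open_kwargs('PUT'))),
+
+(url_for('change_team_permissions', repository=PUBLIC_REPO,
+teamname=FAKE_TEAMNAME), (401, open_kwargs('PUT'))),
+(url_for('change_team_permissions', repository=ORG_REPO,
+teamname=FAKE_TEAMNAME), (401, open_kwargs('PUT'))),
+(url_for('change_team_permissions', repository=PRIVATE_REPO,
+teamname=FAKE_TEAMNAME), (401, open_kwargs('PUT'))),
+
+(url_for('delete_user_permissions', repository=PUBLIC_REPO,
+username=FAKE_USERNAME), (401, open_kwargs('DELETE'))),
+(url_for('delete_user_permissions', repository=ORG_REPO,
+username=FAKE_USERNAME), (401, open_kwargs('DELETE'))),
+(url_for('delete_user_permissions', repository=PRIVATE_REPO,
+username=FAKE_USERNAME), (401, open_kwargs('DELETE'))),
+
+(url_for('delete_team_permissions', repository=PUBLIC_REPO,
+teamname=FAKE_TEAMNAME), (401, open_kwargs('DELETE'))),
+(url_for('delete_team_permissions', repository=ORG_REPO,
+teamname=FAKE_TEAMNAME), (401, open_kwargs('DELETE'))),
+(url_for('delete_team_permissions', repository=PRIVATE_REPO,
+teamname=FAKE_TEAMNAME), (401, open_kwargs('DELETE'))),
+
+(url_for('list_repo_tokens', repository=PUBLIC_REPO),
+(401, open_kwargs())),
+(url_for('list_repo_tokens', repository=ORG_REPO), (401, open_kwargs())),
+(url_for('list_repo_tokens', repository=PRIVATE_REPO),
+(401, open_kwargs())),
+
+(url_for('get_tokens', repository=PUBLIC_REPO, code=FAKE_TOKEN),
+(401, open_kwargs())),
+(url_for('get_tokens', repository=ORG_REPO, code=FAKE_TOKEN),
+(401, open_kwargs())),
+(url_for('get_tokens', repository=PRIVATE_REPO, code=FAKE_TOKEN),
+(401, open_kwargs())),
+
+(url_for('create_token', repository=PUBLIC_REPO),
+(401, open_kwargs('POST'))),
+(url_for('create_token', repository=ORG_REPO),
+(401, open_kwargs('POST'))),
+(url_for('create_token', repository=PRIVATE_REPO),
+(401, open_kwargs('POST'))),
+
+(url_for('change_token', repository=PUBLIC_REPO, code=FAKE_TOKEN),
+(401, open_kwargs('PUT'))),
+(url_for('change_token', repository=ORG_REPO, code=FAKE_TOKEN),
+(401, open_kwargs('PUT'))),
+(url_for('change_token', repository=PRIVATE_REPO, code=FAKE_TOKEN),
+(401, open_kwargs('PUT'))),
+
+(url_for('delete_token', repository=PUBLIC_REPO, code=FAKE_TOKEN),
+(401, open_kwargs('DELETE'))),
+(url_for('delete_token', repository=ORG_REPO, code=FAKE_TOKEN),
+(401, open_kwargs('DELETE'))),
+(url_for('delete_token', repository=PRIVATE_REPO, code=FAKE_TOKEN),
+(401, open_kwargs('DELETE'))),
+
+(url_for('subscribe_api'), (401, open_kwargs('PUT'))),
+
+(url_for('subscribe_org_api', orgname=ORG), (401, open_kwargs('PUT'))),
+
+(url_for('get_subscription'), (401, open_kwargs())),
+
+(url_for('get_org_subscription', orgname=ORG), (401, open_kwargs())),
+])
+
+
+def build_no_access_spec():
+changes = OrderedDict([
+(url_for('change_user_details'), (200, open_kwargs('PUT'))),
+
+(url_for('get_matching_users', prefix='dev'), (200, open_kwargs())),
+
+(url_for('get_matching_entities', prefix='dev'), (200, open_kwargs())),
+
+(url_for('get_organization', orgname=ORG), (403, open_kwargs())),
+
+(url_for('get_organization_private_allowed', orgname=ORG),
+(403, open_kwargs())),
+
+(url_for('update_organization_team', orgname=ORG, teamname=ORG_OWNERS),
+(403, open_kwargs('PUT'))),
+
+(url_for('delete_organization_team', orgname=ORG, teamname=ORG_OWNERS),
+(403, open_kwargs('DELETE'))),
+
+(url_for('get_organization_team_members', orgname=ORG,
+teamname=ORG_OWNERS), (403, open_kwargs())),
+
+(url_for('update_organization_team_member', orgname=ORG,
+teamname=ORG_OWNERS, membername=ORG_OWNER),
+(403, open_kwargs('PUT'))),
+
+(url_for('delete_organization_team_member', orgname=ORG,
+teamname=ORG_OWNERS, membername=ORG_OWNER),
+(403, open_kwargs('DELETE'))),
+
+(url_for('create_repo_api'), (403, open_kwargs('POST'))),
+
+(url_for('update_repo_api', repository=PUBLIC_REPO),
+(403, open_kwargs('PUT'))),
+(url_for('update_repo_api', repository=ORG_REPO),
+(403, open_kwargs('PUT'))),
+(url_for('update_repo_api', repository=PRIVATE_REPO),
+(403, open_kwargs('PUT'))),
+
+(url_for('change_repo_visibility_api', repository=PUBLIC_REPO),
+(403, open_kwargs('POST'))),
+(url_for('change_repo_visibility_api', repository=ORG_REPO),
+(403, open_kwargs('POST'))),
+(url_for('change_repo_visibility_api', repository=PRIVATE_REPO),
+(403, open_kwargs('POST'))),
+
+(url_for('delete_repository', repository=PUBLIC_REPO),
+(403, open_kwargs('DELETE'))),
+(url_for('delete_repository', repository=ORG_REPO),
+(403, open_kwargs('DELETE'))),
+(url_for('delete_repository', repository=PRIVATE_REPO),
+(403, open_kwargs('DELETE'))),
+
+(url_for('get_repo_builds', repository=PUBLIC_REPO),
+(403, open_kwargs())),
+(url_for('get_repo_builds', repository=ORG_REPO), (403, open_kwargs())),
+(url_for('get_repo_builds', repository=PRIVATE_REPO),
+(403, open_kwargs())),
+
+(url_for('get_filedrop_url'), (400, open_kwargs('POST'))),
+
+(url_for('request_repo_build', repository=PUBLIC_REPO),
+(403, open_kwargs('POST'))),
+(url_for('request_repo_build', repository=ORG_REPO),
+(403, open_kwargs('POST'))),
+(url_for('request_repo_build', repository=PRIVATE_REPO),
+(403, open_kwargs('POST'))),
+
+(url_for('list_repo_team_permissions', repository=PUBLIC_REPO),
+(403, open_kwargs())),
+(url_for('list_repo_team_permissions', repository=ORG_REPO),
+(403, open_kwargs())),
+(url_for('list_repo_team_permissions', repository=PRIVATE_REPO),
+(403, open_kwargs())),
+
+(url_for('list_repo_user_permissions', repository=PUBLIC_REPO),
+(403, open_kwargs())),
+(url_for('list_repo_user_permissions', repository=ORG_REPO),
+(403, open_kwargs())),
+(url_for('list_repo_user_permissions', repository=PRIVATE_REPO),
+(403, open_kwargs())),
+
+(url_for('get_user_permissions', repository=PUBLIC_REPO,
+username=FAKE_USERNAME), (403, open_kwargs())),
+(url_for('get_user_permissions', repository=ORG_REPO,
+username=FAKE_USERNAME), (403, open_kwargs())),
+(url_for('get_user_permissions', repository=PRIVATE_REPO,
+username=FAKE_USERNAME), (403, open_kwargs())),
+
+(url_for('get_team_permissions', repository=PUBLIC_REPO,
+teamname=FAKE_TEAMNAME), (403, open_kwargs())),
+(url_for('get_team_permissions', repository=ORG_REPO,
+teamname=FAKE_TEAMNAME), (403, open_kwargs())),
+(url_for('get_team_permissions', repository=PRIVATE_REPO,
+teamname=FAKE_TEAMNAME), (403, open_kwargs())),
+
+(url_for('change_user_permissions', repository=PUBLIC_REPO,
+username=FAKE_USERNAME), (403, open_kwargs('PUT'))),
+(url_for('change_user_permissions', repository=ORG_REPO,
+username=FAKE_USERNAME), (403, open_kwargs('PUT'))),
+(url_for('change_user_permissions', repository=PRIVATE_REPO,
+username=FAKE_USERNAME), (403, open_kwargs('PUT'))),
+
+(url_for('change_team_permissions', repository=PUBLIC_REPO,
+teamname=FAKE_TEAMNAME), (403, open_kwargs('PUT'))),
+(url_for('change_team_permissions', repository=ORG_REPO,
+teamname=FAKE_TEAMNAME), (403, open_kwargs('PUT'))),
+(url_for('change_team_permissions', repository=PRIVATE_REPO,
+teamname=FAKE_TEAMNAME), (403, open_kwargs('PUT'))),
+
+(url_for('delete_user_permissions', repository=PUBLIC_REPO,
+username=FAKE_USERNAME), (403, open_kwargs('DELETE'))),
+(url_for('delete_user_permissions', repository=ORG_REPO,
+username=FAKE_USERNAME), (403, open_kwargs('DELETE'))),
+(url_for('delete_user_permissions', repository=PRIVATE_REPO,
+username=FAKE_USERNAME), (403, open_kwargs('DELETE'))),
+
+(url_for('delete_team_permissions', repository=PUBLIC_REPO,
+teamname=FAKE_TEAMNAME), (403, open_kwargs('DELETE'))),
+(url_for('delete_team_permissions', repository=ORG_REPO,
+teamname=FAKE_TEAMNAME), (403, open_kwargs('DELETE'))),
+(url_for('delete_team_permissions', repository=PRIVATE_REPO,
+teamname=FAKE_TEAMNAME), (403, open_kwargs('DELETE'))),
+
+(url_for('list_repo_tokens', repository=PUBLIC_REPO),
+(403, open_kwargs())),
+(url_for('list_repo_tokens', repository=ORG_REPO), (403, open_kwargs())),
+(url_for('list_repo_tokens', repository=PRIVATE_REPO),
+(403, open_kwargs())),
+
+(url_for('get_tokens', repository=PUBLIC_REPO, code=FAKE_TOKEN),
+(403, open_kwargs())),
+(url_for('get_tokens', repository=ORG_REPO, code=FAKE_TOKEN),
+(403, open_kwargs())),
+(url_for('get_tokens', repository=PRIVATE_REPO, code=FAKE_TOKEN),
+(403, open_kwargs())),
+
+(url_for('create_token', repository=PUBLIC_REPO),
+(403, open_kwargs('POST'))),
+(url_for('create_token', repository=ORG_REPO),
+(403, open_kwargs('POST'))),
+(url_for('create_token', repository=PRIVATE_REPO),
+(403, open_kwargs('POST'))),
+
+(url_for('change_token', repository=PUBLIC_REPO, code=FAKE_TOKEN),
+(403, open_kwargs('PUT'))),
+(url_for('change_token', repository=ORG_REPO, code=FAKE_TOKEN),
+(403, open_kwargs('PUT'))),
+(url_for('change_token', repository=PRIVATE_REPO, code=FAKE_TOKEN),
+(403, open_kwargs('PUT'))),
+
+(url_for('delete_token', repository=PUBLIC_REPO, code=FAKE_TOKEN),
+(403, open_kwargs('DELETE'))),
+(url_for('delete_token', repository=ORG_REPO, code=FAKE_TOKEN),
+(403, open_kwargs('DELETE'))),
+(url_for('delete_token', repository=PRIVATE_REPO, code=FAKE_TOKEN),
+(403, open_kwargs('DELETE'))),
+
+(url_for('subscribe_api'), (403, open_kwargs('PUT'))),
+
+(url_for('subscribe_org_api', orgname=ORG), (403, open_kwargs('PUT'))),
+
+(url_for('get_subscription'), (200, open_kwargs())),
+
+(url_for('get_org_subscription', orgname=ORG), (403, open_kwargs())),
+])
+
+to_update = build_anon_spec()
+to_update.update(changes)
+return to_update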
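Review bot: Both spec builders key an `OrderedDict` on the URL alone, so two entries that resolve to the same path collapse into one and the later expectation silently replaces the earlier. `delete_repository` is routed at `/api/repository/<path:repository>` in this commit, and if `update_repo_api` and `get_repo_api` share that rule (their routes are not shown here), the PUT and DELETE authorization checks for each repository are overwritten by the GET entry and never run; the token and permission endpoints may be affected the same way. Keying on the method as well, e.g. `((url_for('delete_repository', repository=PUBLIC_REPO), 'DELETE'), 401)`, or returning a plain list of `(url, status, kwargs)` tuples keeps every case. The anonymous spec also no longer lists `logout`, which the removed `ANON_SPEC` checked for a 401.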
|
@ -1,265 +1,15 @@
|
||||||
import unittest
|
import unittest
|
||||||
import json
|
import json
|
||||||
|
|
||||||
from flask import url_for
|
|
||||||
from uuid import uuid4
|
|
||||||
from collections import OrderedDict
|
|
||||||
|
|
||||||
import endpoints.api
|
import endpoints.api
|
||||||
|
|
||||||
from app import app
|
from app import app
|
||||||
from data import model
|
from data import model
|
||||||
from initdb import wipe_database, initialize_database, populate_database
|
from initdb import wipe_database, initialize_database, populate_database
|
||||||
|
from specs import build_anon_spec, build_no_access_spec
|
||||||
|
|
||||||
|
|
||||||
PUBLIC_REPO = 'public/publicrepo'
|
NO_ACCESS_USER = 'freshuser'
|
||||||
PRIVATE_REPO = 'devtable/complex'
|
|
||||||
ORG = 'devtableorg'
|
|
||||||
ORG_REPO = ORG + '/orgrepo'
|
|
||||||
ORG_OWNERS = 'owners'
|
|
||||||
ORG_READERS = 'readers'
|
|
||||||
ORG_OWNER = 'devtable'
|
|
||||||
FAKE_IMAGE_ID = uuid4()
|
|
||||||
FAKE_TAG_NAME = uuid4()
|
|
||||||
FAKE_USERNAME = uuid4()
|
|
||||||
FAKE_TEAMNAME = uuid4()
|
|
||||||
FAKE_TOKEN = uuid4()
|
|
||||||
|
|
||||||
|
|
||||||
def open_kwargs(method='GET', json_object=None):
|
|
||||||
kwargs = {
|
|
||||||
'method': method,
|
|
||||||
}
|
|
||||||
|
|
||||||
if json_object is not None:
|
|
||||||
kwargs['data'] = json.dumps(json_object)
|
|
||||||
kwargs['content_type'] = 'application/json'
|
|
||||||
|
|
||||||
elif method == 'POST' or method == 'PUT':
|
|
||||||
kwargs['data'] = json.dumps({
|
|
||||||
'fake': 'json',
|
|
||||||
'data': 'here',
|
|
||||||
})
|
|
||||||
kwargs['content_type'] = 'application/json'
|
|
||||||
|
|
||||||
return kwargs
|
|
||||||
|
|
||||||
with app.test_request_context() as ctx:
|
|
||||||
ANON_SPEC = OrderedDict([
|
|
||||||
(url_for('welcome'), (200, open_kwargs())),
|
|
||||||
|
|
||||||
(url_for('plans_list'), (200, open_kwargs())),
|
|
||||||
|
|
||||||
(url_for('get_logged_in_user'), (200, open_kwargs())),
|
|
||||||
|
|
||||||
(url_for('change_user_details'), (401, open_kwargs('PUT'))),
|
|
||||||
|
|
||||||
(url_for('create_user_api'), (400, open_kwargs('POST'))),
|
|
||||||
|
|
||||||
(url_for('signin_api'), (400, open_kwargs('POST'))),
|
|
||||||
|
|
||||||
(url_for('logout'), (401, open_kwargs('POST'))),
|
|
||||||
|
|
||||||
(url_for('send_recovery'), (400, open_kwargs('POST'))),
|
|
||||||
|
|
||||||
(url_for('get_matching_users', prefix='dev'), (401, open_kwargs())),
|
|
||||||
|
|
||||||
(url_for('get_matching_entities', prefix='dev'), (401, open_kwargs())),
|
|
||||||
|
|
||||||
(url_for('get_organization', orgname=ORG), (401, open_kwargs())),
|
|
||||||
|
|
||||||
(url_for('get_organization_private_allowed', orgname=ORG),
|
|
||||||
(401, open_kwargs())),
|
|
||||||
|
|
||||||
(url_for('update_organization_team', orgname=ORG, teamname=ORG_OWNERS),
|
|
||||||
(401, open_kwargs('PUT'))),
|
|
||||||
|
|
||||||
(url_for('delete_organization_team', orgname=ORG, teamname=ORG_OWNERS),
|
|
||||||
(401, open_kwargs('DELETE'))),
|
|
||||||
|
|
||||||
(url_for('get_organization_team_members', orgname=ORG,
|
|
||||||
teamname=ORG_OWNERS), (401, open_kwargs())),
|
|
||||||
|
|
||||||
(url_for('update_organization_team_member', orgname=ORG,
|
|
||||||
teamname=ORG_OWNERS, membername=ORG_OWNER),
|
|
||||||
(401, open_kwargs('PUT'))),
|
|
||||||
|
|
||||||
(url_for('delete_organization_team_member', orgname=ORG,
|
|
||||||
teamname=ORG_OWNERS, membername=ORG_OWNER),
|
|
||||||
(401, open_kwargs('DELETE'))),
|
|
||||||
|
|
||||||
(url_for('create_repo_api'), (401, open_kwargs('POST'))),
|
|
||||||
|
|
||||||
(url_for('match_repos_api'), (200, open_kwargs())),
|
|
||||||
|
|
||||||
(url_for('list_repos_api'), (200, open_kwargs())),
|
|
||||||
|
|
||||||
(url_for('update_repo_api', repository=PUBLIC_REPO),
|
|
||||||
(401, open_kwargs('PUT'))),
|
|
||||||
(url_for('update_repo_api', repository=ORG_REPO),
|
|
||||||
(401, open_kwargs('PUT'))),
|
|
||||||
(url_for('update_repo_api', repository=PRIVATE_REPO),
|
|
||||||
(401, open_kwargs('PUT'))),
|
|
||||||
|
|
||||||
(url_for('change_repo_visibility_api', repository=PUBLIC_REPO),
|
|
||||||
(401, open_kwargs('POST'))),
|
|
||||||
(url_for('change_repo_visibility_api', repository=ORG_REPO),
|
|
||||||
(401, open_kwargs('POST'))),
|
|
||||||
(url_for('change_repo_visibility_api', repository=PRIVATE_REPO),
|
|
||||||
(401, open_kwargs('POST'))),
|
|
||||||
|
|
||||||
(url_for('delete_repository', repository=PUBLIC_REPO),
|
|
||||||
(401, open_kwargs('DELETE'))),
|
|
||||||
(url_for('delete_repository', repository=ORG_REPO),
|
|
||||||
(401, open_kwargs('DELETE'))),
|
|
||||||
(url_for('delete_repository', repository=PRIVATE_REPO),
|
|
||||||
(401, open_kwargs('DELETE'))),
|
|
||||||
|
|
||||||
(url_for('get_repo_api', repository=PUBLIC_REPO),(200, open_kwargs())),
|
|
||||||
(url_for('get_repo_api', repository=ORG_REPO), (403, open_kwargs())),
|
|
||||||
(url_for('get_repo_api', repository=PRIVATE_REPO), (403, open_kwargs())),
|
|
||||||
|
|
||||||
(url_for('get_repo_builds', repository=PUBLIC_REPO),
|
|
||||||
(401, open_kwargs())),
|
|
||||||
(url_for('get_repo_builds', repository=ORG_REPO), (401, open_kwargs())),
|
|
||||||
(url_for('get_repo_builds', repository=PRIVATE_REPO),
|
|
||||||
(401, open_kwargs())),
|
|
||||||
|
|
||||||
(url_for('get_filedrop_url'), (401, open_kwargs('POST'))),
|
|
||||||
|
|
||||||
(url_for('request_repo_build', repository=PUBLIC_REPO),
|
|
||||||
(401, open_kwargs('POST'))),
|
|
||||||
(url_for('request_repo_build', repository=ORG_REPO),
|
|
||||||
(401, open_kwargs('POST'))),
|
|
||||||
(url_for('request_repo_build', repository=PRIVATE_REPO),
|
|
||||||
(401, open_kwargs('POST'))),
|
|
||||||
|
|
||||||
(url_for('list_repository_images', repository=PUBLIC_REPO),
|
|
||||||
(200, open_kwargs())),
|
|
||||||
(url_for('list_repository_images', repository=ORG_REPO),
|
|
||||||
(403, open_kwargs())),
|
|
||||||
(url_for('list_repository_images', repository=PRIVATE_REPO),
|
|
||||||
(403, open_kwargs())),
|
|
||||||
|
|
||||||
(url_for('get_image', repository=PUBLIC_REPO, image_id=FAKE_IMAGE_ID),
|
|
||||||
(404, open_kwargs())),
|
|
||||||
(url_for('get_image', repository=ORG_REPO, image_id=FAKE_IMAGE_ID),
|
|
||||||
(403, open_kwargs())),
|
|
||||||
(url_for('get_image', repository=PRIVATE_REPO, image_id=FAKE_IMAGE_ID),
|
|
||||||
(403, open_kwargs())),
|
|
||||||
|
|
||||||
(url_for('get_image_changes', repository=PUBLIC_REPO,
|
|
||||||
image_id=FAKE_IMAGE_ID), (404, open_kwargs())),
|
|
||||||
(url_for('get_image_changes', repository=ORG_REPO,
|
|
||||||
image_id=FAKE_IMAGE_ID), (403, open_kwargs())),
|
|
||||||
(url_for('get_image_changes', repository=PRIVATE_REPO,
|
|
||||||
image_id=FAKE_IMAGE_ID), (403, open_kwargs())),
|
|
||||||
|
|
||||||
(url_for('list_tag_images', repository=PUBLIC_REPO, tag=FAKE_TAG_NAME),
|
|
||||||
(404, open_kwargs())),
|
|
||||||
(url_for('list_tag_images', repository=ORG_REPO, tag=FAKE_TAG_NAME),
|
|
||||||
(403, open_kwargs())),
|
|
||||||
(url_for('list_tag_images', repository=PRIVATE_REPO, tag=FAKE_TAG_NAME),
|
|
||||||
(403, open_kwargs())),
|
|
||||||
|
|
||||||
(url_for('list_repo_team_permissions', repository=PUBLIC_REPO),
|
|
||||||
(401, open_kwargs())),
|
|
||||||
(url_for('list_repo_team_permissions', repository=ORG_REPO),
|
|
||||||
(401, open_kwargs())),
|
|
||||||
(url_for('list_repo_team_permissions', repository=PRIVATE_REPO),
|
|
||||||
(401, open_kwargs())),
|
|
||||||
|
|
||||||
(url_for('list_repo_user_permissions', repository=PUBLIC_REPO),
|
|
||||||
(401, open_kwargs())),
|
|
||||||
(url_for('list_repo_user_permissions', repository=ORG_REPO),
|
|
||||||
(401, open_kwargs())),
|
|
||||||
(url_for('list_repo_user_permissions', repository=PRIVATE_REPO),
|
|
||||||
(401, open_kwargs())),
|
|
||||||
|
|
||||||
(url_for('get_user_permissions', repository=PUBLIC_REPO,
|
|
||||||
username=FAKE_USERNAME), (401, open_kwargs())),
|
|
||||||
(url_for('get_user_permissions', repository=ORG_REPO,
|
|
||||||
username=FAKE_USERNAME), (401, open_kwargs())),
|
|
||||||
(url_for('get_user_permissions', repository=PRIVATE_REPO,
|
|
||||||
username=FAKE_USERNAME), (401, open_kwargs())),
|
|
||||||
|
|
||||||
(url_for('get_team_permissions', repository=PUBLIC_REPO,
|
|
||||||
teamname=FAKE_TEAMNAME), (401, open_kwargs())),
|
|
||||||
(url_for('get_team_permissions', repository=ORG_REPO,
|
|
||||||
teamname=FAKE_TEAMNAME), (401, open_kwargs())),
|
|
||||||
(url_for('get_team_permissions', repository=PRIVATE_REPO,
|
|
||||||
teamname=FAKE_TEAMNAME), (401, open_kwargs())),
|
|
||||||
|
|
||||||
(url_for('change_user_permissions', repository=PUBLIC_REPO,
|
|
||||||
username=FAKE_USERNAME), (401, open_kwargs('PUT'))),
|
|
||||||
(url_for('change_user_permissions', repository=ORG_REPO,
|
|
||||||
username=FAKE_USERNAME), (401, open_kwargs('PUT'))),
|
|
||||||
(url_for('change_user_permissions', repository=PRIVATE_REPO,
|
|
||||||
username=FAKE_USERNAME), (401, open_kwargs('PUT'))),
|
|
||||||
|
|
||||||
(url_for('change_team_permissions', repository=PUBLIC_REPO,
|
|
||||||
teamname=FAKE_TEAMNAME), (401, open_kwargs('PUT'))),
|
|
||||||
(url_for('change_team_permissions', repository=ORG_REPO,
|
|
||||||
teamname=FAKE_TEAMNAME), (401, open_kwargs('PUT'))),
|
|
||||||
(url_for('change_team_permissions', repository=PRIVATE_REPO,
|
|
||||||
teamname=FAKE_TEAMNAME), (401, open_kwargs('PUT'))),
|
|
||||||
|
|
||||||
(url_for('delete_user_permissions', repository=PUBLIC_REPO,
|
|
||||||
username=FAKE_USERNAME), (401, open_kwargs('DELETE'))),
|
|
||||||
(url_for('delete_user_permissions', repository=ORG_REPO,
|
|
||||||
username=FAKE_USERNAME), (401, open_kwargs('DELETE'))),
|
|
||||||
(url_for('delete_user_permissions', repository=PRIVATE_REPO,
|
|
||||||
username=FAKE_USERNAME), (401, open_kwargs('DELETE'))),
|
|
||||||
|
|
||||||
(url_for('delete_team_permissions', repository=PUBLIC_REPO,
|
|
||||||
teamname=FAKE_TEAMNAME), (401, open_kwargs('DELETE'))),
|
|
||||||
(url_for('delete_team_permissions', repository=ORG_REPO,
|
|
||||||
teamname=FAKE_TEAMNAME), (401, open_kwargs('DELETE'))),
|
|
||||||
(url_for('delete_team_permissions', repository=PRIVATE_REPO,
|
|
||||||
teamname=FAKE_TEAMNAME), (401, open_kwargs('DELETE'))),
|
|
||||||
|
|
||||||
(url_for('list_repo_tokens', repository=PUBLIC_REPO),
|
|
||||||
(401, open_kwargs())),
|
|
||||||
(url_for('list_repo_tokens', repository=ORG_REPO), (401, open_kwargs())),
|
|
||||||
(url_for('list_repo_tokens', repository=PRIVATE_REPO),
|
|
||||||
(401, open_kwargs())),
|
|
||||||
|
|
||||||
(url_for('get_tokens', repository=PUBLIC_REPO, code=FAKE_TOKEN),
|
|
||||||
(401, open_kwargs())),
|
|
||||||
(url_for('get_tokens', repository=ORG_REPO, code=FAKE_TOKEN),
|
|
||||||
(401, open_kwargs())),
|
|
||||||
(url_for('get_tokens', repository=PRIVATE_REPO, code=FAKE_TOKEN),
|
|
||||||
(401, open_kwargs())),
|
|
||||||
|
|
||||||
(url_for('create_token', repository=PUBLIC_REPO),
|
|
||||||
(401, open_kwargs('POST'))),
|
|
||||||
(url_for('create_token', repository=ORG_REPO),
|
|
||||||
(401, open_kwargs('POST'))),
|
|
||||||
(url_for('create_token', repository=PRIVATE_REPO),
|
|
||||||
(401, open_kwargs('POST'))),
|
|
||||||
|
|
||||||
(url_for('change_token', repository=PUBLIC_REPO, code=FAKE_TOKEN),
|
|
||||||
(401, open_kwargs('PUT'))),
|
|
||||||
(url_for('change_token', repository=ORG_REPO, code=FAKE_TOKEN),
|
|
||||||
(401, open_kwargs('PUT'))),
|
|
||||||
(url_for('change_token', repository=PRIVATE_REPO, code=FAKE_TOKEN),
|
|
||||||
(401, open_kwargs('PUT'))),
|
|
||||||
|
|
||||||
(url_for('delete_token', repository=PUBLIC_REPO, code=FAKE_TOKEN),
|
|
||||||
(401, open_kwargs('DELETE'))),
|
|
||||||
(url_for('delete_token', repository=ORG_REPO, code=FAKE_TOKEN),
|
|
||||||
(401, open_kwargs('DELETE'))),
|
|
||||||
(url_for('delete_token', repository=PRIVATE_REPO, code=FAKE_TOKEN),
|
|
||||||
(401, open_kwargs('DELETE'))),
|
|
||||||
|
|
||||||
(url_for('subscribe_api'), (401, open_kwargs('PUT'))),
|
|
||||||
|
|
||||||
(url_for('subscribe_org_api', orgname=ORG), (401, open_kwargs('PUT'))),
|
|
||||||
|
|
||||||
(url_for('get_subscription'), (401, open_kwargs())),
|
|
||||||
|
|
||||||
(url_for('get_org_subscription', orgname=ORG), (401, open_kwargs())),
|
|
||||||
])
|
|
||||||
|
|
||||||
|
|
||||||
class ApiTestCase(unittest.TestCase):
|
class ApiTestCase(unittest.TestCase):
|
||||||
|
@ -268,27 +18,32 @@ class ApiTestCase(unittest.TestCase):
|
||||||
initialize_database()
|
initialize_database()
|
||||||
populate_database()
|
populate_database()
|
||||||
|
|
||||||
self.client = app.test_client()
|
|
||||||
|
|
||||||
def signin(self, username, password):
|
|
||||||
args = {
|
|
||||||
'username': username,
|
|
||||||
'password': password,
|
|
||||||
}
|
|
||||||
return self.client.post('/signin', data=json.dumps(args),
|
|
||||||
follow_redirects=True)
|
|
||||||
|
|
||||||
def signout(self):
|
|
||||||
return self.client.get('/signout', follow_redirects=True)
|
|
||||||
|
|
||||||
|
|
||||||
class TestAnonymousAccess(ApiTestCase):
|
class TestAnonymousAccess(ApiTestCase):
|
||||||
def test_anonymous_public_access(self):
|
def __runspec(self, client, spec):
|
||||||
for url, (expected_status, open_kwargs) in ANON_SPEC.items():
|
for url, (expected_status, open_kwargs) in spec.items():
|
||||||
rv = self.client.open(url, **open_kwargs)
|
rv = client.open(url, **open_kwargs)
|
||||||
msg = '%s %s: %s expected: %s' % (open_kwargs['method'], url,
|
msg = '%s %s: %s expected: %s' % (open_kwargs['method'], url,
|
||||||
rv.status_code, expected_status)
|
rv.status_code, expected_status)
|
||||||
self.assertEqual(rv.status_code, expected_status, msg)
|
self.assertEqual(rv.status_code, expected_status, msg)
|
||||||
|
|
||||||
|
def test_anonymous_public_access(self):
|
||||||
|
with app.test_request_context() as ctx:
|
||||||
|
spec = build_anon_spec()
|
||||||
|
|
||||||
|
with app.test_client() as c:
|
||||||
|
self.__runspec(c, spec)
|
||||||
|
|
||||||
|
def test_authenticated_but_not_authorized(self):
|
||||||
|
with app.test_request_context() as ctx:
|
||||||
|
spec = build_no_access_spec()
|
||||||
|
|
||||||
|
with app.test_client() as c:
|
||||||
|
with c.session_transaction() as sess:
|
||||||
|
sess['user_id'] = NO_ACCESS_USER
|
||||||
|
|
||||||
|
self.__runspec(c, spec)
|
||||||
|
|
||||||
|
|
||||||
if __name__ == '__main__':
|
if __name__ == '__main__':
|
||||||
unittest.main()
|
unittest.main()
|