diff --git a/endpoints/api.py b/endpoints/api.py
index a1b3ba51a..6dfc52dc1 100644
--- a/endpoints/api.py
+++ b/endpoints/api.py
@@ -610,9 +610,9 @@ def create_organization_prototype_permission(orgname):
 'name' in details['activating_user']):
 activating_username = details['activating_user']['name']
- delegate = details['delegate']
- delegate_kind = delegate['kind']
- delegate_name = delegate['name']
+ delegate = details['delegate'] if 'delegate' in details else {}
+ delegate_kind = delegate.get('kind', None)
+ delegate_name = delegate.get('name', None)
 delegate_username = delegate_name if delegate_kind == 'user' else None
 delegate_teamname = delegate_name if delegate_kind == 'team' else None
@@ -628,7 +628,7 @@ def create_organization_prototype_permission(orgname):
 return request_error(message='Unknown activating user')
 if not delegate_user and not delegate_team:
- return request_error(message='Missing delagate user or team')
+ return request_error(message='Missing delegate user or team')
 role_name = details['role']
diff --git a/test/test_api_usage.py b/test/test_api_usage.py
index 67d8deb1b..81837d590 100644
--- a/test/test_api_usage.py
+++ b/test/test_api_usage.py
@@ -50,6 +50,11 @@ class ApiTestCase(unittest.TestCase):
 self.assertEquals(rv.status_code, expected_code)
 return rv.data
+ def deleteResponse(self, method_name, params={}, expected_code=204):
+ rv = self.app.delete(url_for(method_name, **params))
+ self.assertEquals(rv.status_code, expected_code)
+ return rv.data
+
 def postJsonResponse(self, method_name, params={}, data={}, expected_code=200):
 rv = self.app.post(url_for(method_name, **params), data=json.dumps(data),
 headers={"Content-Type": "application/json"})
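Review bot: `delegate.get('kind', None)` still raises AttributeError when the body carries `"delegate": null` or any other non-dict value, because the new guard in the first hunk only covers the key being absent; the handler would then fail with an unhandled exception rather than reach the `Missing delegate user or team` response. `details` is presumably the parsed request body, so normalise it before use, e.g. `delegate = details.get('delegate') or {}` followed by `if not isinstance(delegate, dict): return request_error(message='Missing delegate user or team')`. The context line `role_name = details['role']` in the second hunk has the same shape and would raise KeyError on a body without `role`. The function body starts and ends outside both hunks, so an earlier schema check may already cover some of this; if so, a comment saying that would help.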
@@ -158,6 +163,13 @@ class TestConvertToOrganization(ApiTestCase):
 # Verify the organization exists.
 organization = model.get_organization(READ_ACCESS_USER)
 assert organization is not None
+
+ # Verify the admin user is the org's admin.
+ self.login(ADMIN_ACCESS_USER)
+ json = self.getJsonResponse('api.get_organization', params=dict(orgname=READ_ACCESS_USER))
+
+ self.assertEquals(READ_ACCESS_USER, json['name'])
+ self.assertEquals(True, json['is_admin'])
 class TestChangeUserDetails(ApiTestCase):
@@ -257,7 +269,12 @@ class TestCreateOrganization(ApiTestCase):
 # Ensure the org was created.
 organization = model.get_organization('neworg')
 assert organization is not None
-
+
+ # Verify the admin user is the org's admin.
+ json = self.getJsonResponse('api.get_organization', params=dict(orgname='neworg'))
+ self.assertEquals('neworg', json['name'])
+ self.assertEquals(True, json['is_admin'])
+
 class TestGetOrganization(ApiTestCase):
 def test_unknownorg(self):
@@ -284,6 +301,7 @@ class TestGetOrganization(ApiTestCase):
 self.assertEquals(ORGANIZATION, json['name'])
 self.assertEquals(True, json['is_admin'])
+
 class TestChangeOrganizationDetails(ApiTestCase):
 def test_changeinvoiceemail(self):
 self.login(ADMIN_ACCESS_USER)
@@ -310,5 +328,247 @@ class TestChangeOrganizationDetails(ApiTestCase):
 self.assertEquals('newemail@example.com', json['email'])
+class TestGetOrganizationPrototypes(ApiTestCase):
+ def test_getprototypes(self):
+ self.login(ADMIN_ACCESS_USER)
+ json = self.getJsonResponse('api.get_organization_prototype_permissions',
+ params=dict(orgname=ORGANIZATION))
+
+ assert len(json['prototypes']) > 0
+
+
+class TestCreateOrganizationPrototypes(ApiTestCase):
+ def test_invaliduser(self):
+ self.login(ADMIN_ACCESS_USER)
+
+ json = self.postJsonResponse('api.create_organization_prototype_permission',
+ params=dict(orgname=ORGANIZATION),
+ data=dict(activating_user={'name': 'unknownuser'},
+ role='read',
+ delegate={'kind': 'team', 'name': 'owners'}),
+ expected_code=400)
+
+ self.assertEquals('Unknown activating user', json['message'])
+
+
+ def test_missingdelegate(self):
+ self.login(ADMIN_ACCESS_USER)
+
+ json = self.postJsonResponse('api.create_organization_prototype_permission',
+ params=dict(orgname=ORGANIZATION),
+ data=dict(role='read'),
+ expected_code=400)
+
+ self.assertEquals('Missing delegate user or team', json['message'])
+
+ def test_createprototype(self):
+ self.login(ADMIN_ACCESS_USER)
+
+ json = self.postJsonResponse('api.create_organization_prototype_permission',
+ params=dict(orgname=ORGANIZATION),
+ data=dict(role='read', delegate={'kind': 'team', 'name': 'readers'}))
+
+ self.assertEquals('read', json['role'])
+ pid = json['id']
+
+ # Verify the prototype exists.
+ json = self.getJsonResponse('api.get_organization_prototype_permissions',
+ params=dict(orgname=ORGANIZATION))
+
+ ids = set([p['id'] for p in json['prototypes']])
+ assert pid in ids
+
+
+class TestDeleteOrganizationPrototypes(ApiTestCase):
+ def test_deleteprototype(self):
+ self.login(ADMIN_ACCESS_USER)
+
+ # Get the existing prototypes
+ json = self.getJsonResponse('api.get_organization_prototype_permissions',
+ params=dict(orgname=ORGANIZATION))
+
+ ids = [p['id'] for p in json['prototypes']]
+ pid = ids[0]
+
+ # Delete a prototype.
+ self.deleteResponse('api.delete_organization_prototype_permission',
+ params=dict(orgname=ORGANIZATION, prototypeid=pid))
+
+ # Verify the prototype no longer exists.
+ json = self.getJsonResponse('api.get_organization_prototype_permissions',
+ params=dict(orgname=ORGANIZATION))
+
+ newids = [p['id'] for p in json['prototypes']]
+ assert not pid in newids
+
+
+class TestUpdateOrganizationPrototypes(ApiTestCase):
+ def test_updateprototype(self):
+ self.login(ADMIN_ACCESS_USER)
+
+ # Get the existing prototypes
+ json = self.getJsonResponse('api.get_organization_prototype_permissions',
+ params=dict(orgname=ORGANIZATION))
+
+ ids = [p['id'] for p in json['prototypes']]
+ pid = ids[0]
+
+ # Update a prototype.
+ json = self.putJsonResponse('api.delete_organization_prototype_permission',
+ params=dict(orgname=ORGANIZATION, prototypeid=pid),
+ data=dict(role='admin'))
+
+ self.assertEquals('admin', json['role'])
+
+
+
+class TestGetOrganiaztionMembers(ApiTestCase):
+ def test_getmembers(self):
+ self.login(ADMIN_ACCESS_USER)
+
+ json = self.getJsonResponse('api.get_organization_members',
+ params=dict(orgname=ORGANIZATION))
+
+ assert ADMIN_ACCESS_USER in json['members']
+ assert READ_ACCESS_USER in json['members']
+ assert not NO_ACCESS_USER in json['members']
+
+ def test_getspecificmember(self):
+ self.login(ADMIN_ACCESS_USER)
+
+ json = self.getJsonResponse('api.get_organization_member',
+ params=dict(orgname=ORGANIZATION, membername=ADMIN_ACCESS_USER))
+
+ self.assertEquals(ADMIN_ACCESS_USER, json['member']['name'])
+ self.assertEquals('user', json['member']['kind'])
+
+ assert 'owners' in json['member']['teams']
+
+
+class TestGetOrganizationPrivateAllowed(ApiTestCase):
+ def test_existingorg(self):
+ self.login(ADMIN_ACCESS_USER)
+
+ json = self.getJsonResponse('api.get_organization_private_allowed',
+ params=dict(orgname=ORGANIZATION))
+
+ self.assertEquals(True, json['privateAllowed'])
+ assert not 'reposAllowed' in json
+
+
+ def test_neworg(self):
+ self.login(ADMIN_ACCESS_USER)
+
+ data = self.postResponse('api.create_organization',
+ data=dict(name='neworg', email='test@example.com'),
+ expected_code=201)
+
+ json = self.getJsonResponse('api.get_organization_private_allowed',
+ params=dict(orgname='neworg'))
+
+ self.assertEquals(False, json['privateAllowed'])
+
+
+class TestUpdateOrganizationTeam(ApiTestCase):
+ def test_updateexisting(self):
+ self.login(ADMIN_ACCESS_USER)
+
+ data = self.postJsonResponse('api.update_organization_team',
+ params=dict(orgname=ORGANIZATION, teamname='readers'),
+ data=dict(description = 'My cool team', role = 'creator'))
+
+ self.assertEquals('My cool team', data['description'])
+ self.assertEquals('creator', data['role'])
+
+ def test_attemptchangeroleonowners(self):
+ self.login(ADMIN_ACCESS_USER)
+
+ self.postResponse('api.update_organization_team',
+ params=dict(orgname=ORGANIZATION, teamname='owners'),
+ data=dict(role = 'creator'),
+ expected_code=400)
+
+ def test_createnewteam(self):
+ self.login(ADMIN_ACCESS_USER)
+
+ data = self.putJsonResponse('api.update_organization_team',
+ params=dict(orgname=ORGANIZATION, teamname='newteam'),
+ data=dict(description = 'My cool team', role = 'member'),
+ expected_code=201)
+
+ self.assertEquals('My cool team', data['description'])
+ self.assertEquals('member', data['role'])
+
+ # Verify the team was created.
+ json = self.getJsonResponse('api.get_organization', params=dict(orgname=ORGANIZATION))
+ assert 'newteam' in json['teams']
+
+
+class TestDeleteOrganizationTeam(ApiTestCase):
+ def test_deleteteam(self):
+ self.login(ADMIN_ACCESS_USER)
+
+ self.deleteResponse('api.delete_organization_team',
+ params=dict(orgname=ORGANIZATION, teamname='readers'))
+
+ # Make sure the team was deleted
+ json = self.getJsonResponse('api.get_organization', params=dict(orgname=ORGANIZATION))
+ assert not 'readers' in json['teams']
+
+ def test_attemptdeleteowners(self):
+ self.login(ADMIN_ACCESS_USER)
+
+ self.deleteResponse('api.delete_organization_team',
+ params=dict(orgname=ORGANIZATION, teamname='owners'),
+ expected_code=400)
+
+
+class TestGetOrganizationTeamMembers(ApiTestCase):
+ def test_invalidteam(self):
+ self.login(ADMIN_ACCESS_USER)
+
+ self.getResponse('api.get_organization_team_members',
+ params=dict(orgname=ORGANIZATION, teamname='notvalid'),
+ expected_code=404)
+
+ def test_getmembers(self):
+ self.login(ADMIN_ACCESS_USER)
+
+ json = self.getJsonResponse('api.get_organization_team_members',
+ params=dict(orgname=ORGANIZATION, teamname='readers'))
+
+ assert READ_ACCESS_USER in json['members']
+
+
+class TestUpdateOrganizationTeamMember(ApiTestCase):
+ def test_addmember(self):
+ self.login(ADMIN_ACCESS_USER)
+
+ self.postJsonResponse('api.update_organization_team_member',
+ params=dict(orgname=ORGANIZATION, teamname='readers', membername=NO_ACCESS_USER))
+
+
+ # Verify the user was added to the team.
+ json = self.getJsonResponse('api.get_organization_team_members',
+ params=dict(orgname=ORGANIZATION, teamname='readers'))
+
+ assert NO_ACCESS_USER in json['members']
+
+
+class TestDeleteOrganizationTeamMember(ApiTestCase):
+ def test_deletemember(self):
+ self.login(ADMIN_ACCESS_USER)
+
+ self.deleteResponse('api.delete_organization_team_member',
+ params=dict(orgname=ORGANIZATION, teamname='readers', membername=READ_ACCESS_USER))
+
+
+ # Verify the user was removed from the team.
+ json = self.getJsonResponse('api.get_organization_team_members',
+ params=dict(orgname=ORGANIZATION, teamname='readers'))
+
+ assert not READ_ACCESS_USER in json['members']
+
+
 if __name__ == '__main__':
 unittest.main()
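Review bot: Every test added in this hunk logs in as `ADMIN_ACCESS_USER`, so nothing checks that the prototype-permission, team and team-member endpoints refuse a caller without admin rights on the organization; for endpoints that grant or remove access, the denial path is the behaviour most worth pinning. Add at least one negative case per mutating endpoint, logging in as `READ_ACCESS_USER` or `NO_ACCESS_USER` and asserting the API's denial status, along the lines of the sketch below (the 403 and the use of `postResponse` are assumptions to confirm against the endpoint). Separately, `test_updateprototype` issues its PUT through `'api.delete_organization_prototype_permission'`, which presumably only resolves correctly because update and delete share a URL, and the class name `TestGetOrganiaztionMembers` is misspelled.

```python
class TestCreateOrganizationPrototypes(ApiTestCase):
  # … unchanged: test_invaliduser, test_missingdelegate, test_createprototype …

  def test_createprototype_nonadmin(self):
    # A member without admin rights on the org must not be able to add a prototype.
    self.login(READ_ACCESS_USER)

    self.postResponse('api.create_organization_prototype_permission',
                      params=dict(orgname=ORGANIZATION),
                      data=dict(role='read', delegate={'kind': 'team', 'name': 'readers'}),
                      expected_code=403)  # assumed denial status; confirm against the endpoint
```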