From 66dc09363934f700db0d3a67cb82a7c97beb7bac Mon Sep 17 00:00:00 2001 From: Evan Cordell Date: Tue, 1 Aug 2017 11:34:31 -0400 Subject: [PATCH] Convert RepositoryUserTransitivePermission security tests to pytest --- endpoints/api/test/test_security.py | 16 +++++++ test/test_api_security.py | 66 ----------------------------- 2 files changed, 16 insertions(+), 66 deletions(-) diff --git a/endpoints/api/test/test_security.py b/endpoints/api/test/test_security.py index 50c58f39d..bc06d296e 100644 --- a/endpoints/api/test/test_security.py +++ b/endpoints/api/test/test_security.py @@ -5,6 +5,7 @@ from flask_principal import AnonymousIdentity from endpoints.api import api from endpoints.api.repositorynotification import RepositoryNotification +from endpoints.api.permission import RepositoryUserTransitivePermission from endpoints.api.team import OrganizationTeamSyncing from endpoints.api.test.shared import conduct_api_call from endpoints.api.repository import RepositoryTrust @@ -67,6 +68,21 @@ NOTIFICATION_PARAMS = {'namespace': 'devtable', 'repository': 'devtable/simple', (RepositoryTrust, 'POST', REPO_PARAMS, {'trust_enabled': True}, 'freshuser', 403), (RepositoryTrust, 'POST', REPO_PARAMS, {'trust_enabled': True}, 'reader', 403), (RepositoryTrust, 'POST', REPO_PARAMS, {'trust_enabled': True}, 'devtable', 404), + + (RepositoryUserTransitivePermission, 'GET', {'username': 'A2O9','repository': 'public/publicrepo'}, None, None, 401), + (RepositoryUserTransitivePermission, 'GET', {'username': 'A2O9','repository': 'public/publicrepo'}, None, 'freshuser', 403), + (RepositoryUserTransitivePermission, 'GET', {'username': 'A2O9','repository': 'public/publicrepo'}, None, 'reader', 403), + (RepositoryUserTransitivePermission, 'GET', {'username': 'A2O9','repository': 'public/publicrepo'}, None, 'devtable', 403), + (RepositoryUserTransitivePermission, 'GET', {'username': 'A2O9','repository': 'devtable/shared'}, None, None, 401), + (RepositoryUserTransitivePermission, 'GET', {'username': 'A2O9','repository': 'devtable/shared'}, None, 'freshuser', 403), + (RepositoryUserTransitivePermission, 'GET', {'username': 'A2O9','repository': 'devtable/shared'}, None, 'reader', 403), + (RepositoryUserTransitivePermission, 'GET', {'username': 'A2O9','repository': 'devtable/shared'}, None, 'devtable', 404), + (RepositoryUserTransitivePermission, 'GET', {'username': 'A2O9','repository': 'buynlarge/orgrepo'}, None, None, 401), + (RepositoryUserTransitivePermission, 'GET', {'username': 'A2O9','repository': 'buynlarge/orgrepo'}, None, 'freshuser', 403), + (RepositoryUserTransitivePermission, 'GET', {'username': 'A2O9','repository': 'buynlarge/orgrepo'}, None, 'reader', 403), + (RepositoryUserTransitivePermission, 'GET', {'username': 'A2O9','repository': 'buynlarge/orgrepo'}, None, 'devtable', 404), + (RepositoryUserTransitivePermission, 'GET', {'username': 'devtable','repository': 'devtable/shared'}, None, 'devtable', 200), + (RepositoryUserTransitivePermission, 'GET', {'username': 'devtable','repository': 'devtable/nope'}, None, 'devtable', 404), ]) def test_api_security(resource, method, params, body, identity, expected, client): with client_with_identity(identity, client) as cl: diff --git a/test/test_api_security.py b/test/test_api_security.py index 348d2edcc..59ba9cc7c 100644 --- a/test/test_api_security.py +++ b/test/test_api_security.py @@ -756,72 +756,6 @@ class TestTeamMemberListBuynlargeOwners(ApiTestCase): self._run_test('GET', 200, 'devtable', None) -class TestRepositoryUserTransitivePermissionA2o9PublicPublicrepo(ApiTestCase): - def setUp(self): - ApiTestCase.setUp(self) - self._set_url(RepositoryUserTransitivePermission, username="A2O9", repository="public/publicrepo") - - def test_get_anonymous(self): - self._run_test('GET', 401, None, None) - - def test_get_freshuser(self): - self._run_test('GET', 403, 'freshuser', None) - - def test_get_reader(self): - self._run_test('GET', 403, 'reader', None) - - def test_get_devtable(self): - self._run_test('GET', 403, 'devtable', None) - -class TestRepositoryUserTransitivePermissionA2o9DevtableShared(ApiTestCase): - def setUp(self): - ApiTestCase.setUp(self) - self._set_url(RepositoryUserTransitivePermission, username="A2O9", repository="devtable/shared") - - def test_get_anonymous(self): - self._run_test('GET', 401, None, None) - - def test_get_freshuser(self): - self._run_test('GET', 403, 'freshuser', None) - - def test_get_reader(self): - self._run_test('GET', 403, 'reader', None) - - def test_get_devtable(self): - self._run_test('GET', 404, 'devtable', None) - - -class TestRepositoryUserTransitivePermissionA2o9DevtableShared(ApiTestCase): - def setUp(self): - ApiTestCase.setUp(self) - self._set_url(RepositoryUserTransitivePermission, username="devtable", repository="devtable/shared") - - def test_get_allowed(self): - self._run_test('GET', 200, 'devtable', None) - - def test_get_allowed_no_repo(self): - self._set_url(RepositoryUserTransitivePermission, username="devtable", repository="devtable/nope") - self._run_test('GET', 404, 'devtable', None) - - -class TestRepositoryUserTransitivePermissionA2o9BuynlargeOrgrepo(ApiTestCase): - def setUp(self): - ApiTestCase.setUp(self) - self._set_url(RepositoryUserTransitivePermission, username="A2O9", repository="buynlarge/orgrepo") - - def test_get_anonymous(self): - self._run_test('GET', 401, None, None) - - def test_get_freshuser(self): - self._run_test('GET', 403, 'freshuser', None) - - def test_get_reader(self): - self._run_test('GET', 403, 'reader', None) - - def test_get_devtable(self): - self._run_test('GET', 404, 'devtable', None) - - class TestRepositoryUserPermissionA2o9PublicPublicrepo(ApiTestCase): def setUp(self): ApiTestCase.setUp(self)