vbatts/quay
Archived
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Merge pull request #1225 from coreos-inc/setuptooltest

Browse source 
Add tests for superuser config API calls
This commit is contained in:
josephschorr 2016-02-16 17:01:43 -05:00
commit 6f9fc7fc08
2 changed files with 111 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

113
test/test_api_usage.py
View file

@ -6,6 +6,7 @@ import logging
import re import re
import json as py_json import json as py_json
from StringIO import StringIO
from urllib import urlencode from urllib import urlencode
from urlparse import urlparse, urlunparse, parse_qs from urlparse import urlparse, urlunparse, parse_qs
@ -14,7 +15,7 @@ from playhouse.test_utils import assert_query_count, _QueryLogHandler
from endpoints.api import api_bp, api from endpoints.api import api_bp, api
from endpoints.building import PreparedBuild from endpoints.building import PreparedBuild
from endpoints.webhooks import webhooks from endpoints.webhooks import webhooks
from app import app from app import app, config_provider
from buildtrigger.basehandler import BuildTriggerHandler from buildtrigger.basehandler import BuildTriggerHandler
from initdb import setup_database_for_testing, finished_database_for_testing from initdb import setup_database_for_testing, finished_database_for_testing
from data import database, model from data import database, model
@ -50,7 +51,9 @@ from endpoints.api.organization import (OrganizationList, OrganizationMember,
from endpoints.api.repository import RepositoryList, RepositoryVisibility, Repository from endpoints.api.repository import RepositoryList, RepositoryVisibility, Repository
from endpoints.api.permission import (RepositoryUserPermission, RepositoryTeamPermission, from endpoints.api.permission import (RepositoryUserPermission, RepositoryTeamPermission,
RepositoryTeamPermissionList, RepositoryUserPermissionList) RepositoryTeamPermissionList, RepositoryUserPermissionList)
from endpoints.api.superuser import (SuperUserLogs, SuperUserList, SuperUserManagement) from endpoints.api.superuser import SuperUserLogs, SuperUserList, SuperUserManagement
from endpoints.api.suconfig import (SuperUserRegistryStatus, SuperUserConfig, SuperUserConfigFile,
SuperUserCreateInitialSuperUser)
try: try:
app.register_blueprint(api_bp, url_prefix='/api') app.register_blueprint(api_bp, url_prefix='/api')
@ -116,6 +119,7 @@ class ApiTestCase(unittest.TestCase):
def tearDown(self): def tearDown(self):
finished_database_for_testing(self) finished_database_for_testing(self)
config_provider.clear()
self.ctx.__exit__(True, None, None) self.ctx.__exit__(True, None, None)
def setCsrfToken(self, token): def setCsrfToken(self, token):
@ -129,10 +133,15 @@ class ApiTestCase(unittest.TestCase):
parsed = py_json.loads(data) parsed = py_json.loads(data)
return parsed return parsed
def postResponse(self, resource_name, params={}, data={}, expected_code=200): def postResponse(self, resource_name, params={}, data={}, file=None, expected_code=200):
rv = self.app.post(self.url_for(resource_name, params), data = py_json.dumps(data)
data=py_json.dumps(data), headers = {"Content-Type": "application/json"}
headers={"Content-Type": "application/json"})
if file is not None:
data = {'file': file}
headers = None
rv = self.app.post(self.url_for(resource_name, params), data=data, headers=headers)
self.assertEquals(rv.status_code, expected_code) self.assertEquals(rv.status_code, expected_code)
return rv.data return rv.data
@ -3329,6 +3338,98 @@ class TestSuperUserList(ApiTestCase):
assert len(json['users']) > 0 assert len(json['users']) > 0
class TestSuperUserCreateInitialSuperUser(ApiTestCase):
def test_create_superuser(self):
data = {
'username': 'newsuper',
'password': 'password',
'email': 'jschorr+fake@devtable.com',
}
# Try to write before some config. Should 403.
self.postResponse(SuperUserCreateInitialSuperUser, data=data, expected_code=403)
# Add some fake config.
fake_config = {
'AUTHENTICATION_TYPE': 'Database',
'SECRET_KEY': 'fakekey',
}
self.putJsonResponse(SuperUserConfig, data=dict(config=fake_config, hostname='fakehost'))
# Try to write with config. Should 403 since there are users in the DB.
self.postResponse(SuperUserCreateInitialSuperUser, data=data, expected_code=403)
# Delete all users in the DB.
for user in list(database.User.select()):
user.delete_instance(recursive=True)
# Create the superuser.
self.postJsonResponse(SuperUserCreateInitialSuperUser, data=data)
# Ensure the user exists in the DB.
self.assertIsNotNone(model.user.get_user('newsuper'))
# Ensure that the current user is newsuper.
json = self.getJsonResponse(User)
self.assertEquals('newsuper', json['username'])
# Ensure that the current user is a superuser in the config.
json = self.getJsonResponse(SuperUserConfig)
self.assertEquals(['newsuper'], json['config']['SUPER_USERS'])
# Ensure that the current user is a superuser in memory by trying to call an API
# that will fail otherwise.
self.getResponse(SuperUserConfigFile, params=dict(filename='ssl.cert'))
class TestSuperUserConfig(ApiTestCase):
def test_get_status_update_config(self):
# With no config the status should be 'config-db'.
json = self.getJsonResponse(SuperUserRegistryStatus)
self.assertEquals('config-db', json['status'])
# And the config should 401.
self.getResponse(SuperUserConfig, expected_code=401)
# Add some fake config.
fake_config = {
'AUTHENTICATION_TYPE': 'Database',
'SECRET_KEY': 'fakekey',
}
json = self.putJsonResponse(SuperUserConfig, data=dict(config=fake_config, hostname='fakehost'))
self.assertEquals('fakekey', json['config']['SECRET_KEY'])
self.assertEquals('fakehost', json['config']['SERVER_HOSTNAME'])
self.assertEquals('Database', json['config']['AUTHENTICATION_TYPE'])
# With config the status should be 'setup-db'.
json = self.getJsonResponse(SuperUserRegistryStatus)
self.assertEquals('setup-db', json['status'])
def test_config_file(self):
# Try without an account. Should 403.
self.getResponse(SuperUserConfigFile, params=dict(filename='ssl.cert'), expected_code=403)
# Login to a superuser.
self.login(ADMIN_ACCESS_USER)
# Try for an invalid file. Should 404.
self.getResponse(SuperUserConfigFile, params=dict(filename='foobar'), expected_code=404)
# Try for a valid filename. Should not exist.
json = self.getJsonResponse(SuperUserConfigFile, params=dict(filename='ssl.cert'))
self.assertFalse(json['exists'])
# Add the file.
self.postResponse(SuperUserConfigFile, params=dict(filename='ssl.cert'),
file=(StringIO('my file contents'), 'ssl.cert'))
# Should now exist.
json = self.getJsonResponse(SuperUserConfigFile, params=dict(filename='ssl.cert'))
self.assertTrue(json['exists'])
class TestSuperUserManagement(ApiTestCase): class TestSuperUserManagement(ApiTestCase):
def test_get_user(self): def test_get_user(self):
self.login(ADMIN_ACCESS_USER) self.login(ADMIN_ACCESS_USER)

5
util/config/provider/testprovider.py
View file

@ -7,8 +7,11 @@ class TestConfigProvider(BaseProvider):
""" Implementation of the config provider for testing. Everything is kept in-memory instead on """ Implementation of the config provider for testing. Everything is kept in-memory instead on
the real file system. """ the real file system. """
def __init__(self): def __init__(self):
self.clear()
def clear(self):
self.files = {} self.files = {}
self._config = None self._config = {}
@property @property
def provider_id(self): def provider_id(self):