From 7412fae9dc02f61244635e3368fbb8481fbd3151 Mon Sep 17 00:00:00 2001 From: yackob03 Date: Thu, 30 Jan 2014 19:06:26 -0500 Subject: [PATCH] Fix the tests to use blueprints. --- test/specs.py | 374 +++++++++++++++++---------------- test/test_api_security.py | 7 +- test/test_endpoint_security.py | 12 +- 3 files changed, 208 insertions(+), 185 deletions(-) diff --git a/test/specs.py b/test/specs.py index 10e3eee13..9ffcdc009 100644 --- a/test/specs.py +++ b/test/specs.py 
@@ -103,320 +103,326 @@ class TestSpec(object): def build_specs(): return [ - TestSpec(url_for('welcome'), 200, 200, 200, 200), + TestSpec(url_for('api.welcome'), 200, 200, 200, 200), - TestSpec(url_for('list_plans'), 200, 200, 200, 200), + TestSpec(url_for('api.list_plans'), 200, 200, 200, 200), - TestSpec(url_for('get_logged_in_user'), 200, 200, 200, 200), + TestSpec(url_for('api.get_logged_in_user'), 200, 200, 200, 200), - TestSpec(url_for('change_user_details'), + TestSpec(url_for('api.change_user_details'), 401, 200, 200, 200).set_method('PUT'), - TestSpec(url_for('create_new_user'), 201, 201, 201, + TestSpec(url_for('api.create_new_user'), 201, 201, 201, 201).set_method('POST').set_data_from_obj(NEW_USER_DETAILS), - TestSpec(url_for('signin_user'), 200, 200, 200, + TestSpec(url_for('api.signin_user'), 200, 200, 200, 200).set_method('POST').set_data_from_obj(SIGNIN_DETAILS), - TestSpec(url_for('request_recovery_email'), 201, 201, 201, + TestSpec(url_for('api.request_recovery_email'), 201, 201, 201, 201).set_method('POST').set_data_from_obj(SEND_RECOVERY_DETAILS), - TestSpec(url_for('get_matching_users', prefix='dev'), 401, 200, 200, 200), + TestSpec(url_for('api.get_matching_users', prefix='dev'), + 401, 200, 200, 200), - TestSpec(url_for('get_matching_entities', prefix='dev'), 401, 200, 200, + TestSpec(url_for('api.get_matching_entities', prefix='dev'), 401, 200, 200, 200), - TestSpec(url_for('get_organization', orgname=ORG), 401, 403, 200, 200), + TestSpec(url_for('api.get_organization', orgname=ORG), 401, 403, 200, 200), - TestSpec(url_for('get_organization_private_allowed', orgname=ORG)), + TestSpec(url_for('api.get_organization_private_allowed', orgname=ORG)), - TestSpec(url_for('update_organization_team', orgname=ORG, + TestSpec(url_for('api.update_organization_team', orgname=ORG, teamname=ORG_OWNERS)).set_method('PUT'), - TestSpec(url_for('update_organization_team', orgname=ORG, + TestSpec(url_for('api.update_organization_team', orgname=ORG, 
teamname=ORG_READERS)).set_method('PUT'), - TestSpec(url_for('delete_organization_team', orgname=ORG, + TestSpec(url_for('api.delete_organization_team', orgname=ORG, teamname=ORG_OWNERS), admin_code=400).set_method('DELETE'), - TestSpec(url_for('delete_organization_team', orgname=ORG, + TestSpec(url_for('api.delete_organization_team', orgname=ORG, teamname=ORG_READERS), admin_code=204).set_method('DELETE'), - TestSpec(url_for('get_organization_team_members', orgname=ORG, + TestSpec(url_for('api.get_organization_team_members', orgname=ORG, teamname=ORG_OWNERS)), - TestSpec(url_for('get_organization_team_members', orgname=ORG, + TestSpec(url_for('api.get_organization_team_members', orgname=ORG, teamname=ORG_READERS), read_code=200), - TestSpec(url_for('update_organization_team_member', orgname=ORG, + TestSpec(url_for('api.update_organization_team_member', orgname=ORG, teamname=ORG_OWNERS, membername=ORG_OWNER), admin_code=400).set_method('PUT'), - TestSpec(url_for('update_organization_team_member', orgname=ORG, + TestSpec(url_for('api.update_organization_team_member', orgname=ORG, teamname=ORG_READERS, membername=ORG_OWNER)).set_method('PUT'), - TestSpec(url_for('delete_organization_team_member', orgname=ORG, + TestSpec(url_for('api.delete_organization_team_member', orgname=ORG, teamname=ORG_OWNERS, membername=ORG_OWNER), admin_code=400).set_method('DELETE'), - TestSpec(url_for('delete_organization_team_member', orgname=ORG, + TestSpec(url_for('api.delete_organization_team_member', orgname=ORG, teamname=ORG_READERS, membername=ORG_OWNER), admin_code=400).set_method('DELETE'), - (TestSpec(url_for('create_repo')) + (TestSpec(url_for('api.create_repo')) .set_method('POST') .set_data_from_obj(NEW_ORG_REPO_DETAILS)), - TestSpec(url_for('find_repos'), 200, 200, 200, 200), + TestSpec(url_for('api.find_repos'), 200, 200, 200, 200), - TestSpec(url_for('list_repos'), 200, 200, 200, 200), + TestSpec(url_for('api.list_repos'), 200, 200, 200, 200), - 
TestSpec(url_for('update_repo', repository=PUBLIC_REPO), + TestSpec(url_for('api.update_repo', repository=PUBLIC_REPO), admin_code=403).set_method('PUT'), - (TestSpec(url_for('update_repo', repository=ORG_REPO)) + (TestSpec(url_for('api.update_repo', repository=ORG_REPO)) .set_method('PUT') .set_data_from_obj(UPDATE_REPO_DETAILS)), - (TestSpec(url_for('update_repo', repository=PRIVATE_REPO)) + (TestSpec(url_for('api.update_repo', repository=PRIVATE_REPO)) .set_method('PUT') .set_data_from_obj(UPDATE_REPO_DETAILS)), - (TestSpec(url_for('change_repo_visibility', repository=PUBLIC_REPO), + (TestSpec(url_for('api.change_repo_visibility', repository=PUBLIC_REPO), admin_code=403).set_method('POST') .set_data_from_obj(CHANGE_VISIBILITY_DETAILS)), - (TestSpec(url_for('change_repo_visibility', repository=ORG_REPO)) + (TestSpec(url_for('api.change_repo_visibility', repository=ORG_REPO)) .set_method('POST').set_data_from_obj(CHANGE_VISIBILITY_DETAILS)), - (TestSpec(url_for('change_repo_visibility', repository=PRIVATE_REPO)) + (TestSpec(url_for('api.change_repo_visibility', repository=PRIVATE_REPO)) .set_method('POST').set_data_from_obj(CHANGE_VISIBILITY_DETAILS)), - TestSpec(url_for('delete_repository', repository=PUBLIC_REPO), + TestSpec(url_for('api.delete_repository', repository=PUBLIC_REPO), admin_code=403).set_method('DELETE'), - TestSpec(url_for('delete_repository', repository=ORG_REPO), + TestSpec(url_for('api.delete_repository', repository=ORG_REPO), admin_code=204).set_method('DELETE'), - TestSpec(url_for('delete_repository', repository=PRIVATE_REPO), + TestSpec(url_for('api.delete_repository', repository=PRIVATE_REPO), admin_code=204).set_method('DELETE'), - TestSpec(url_for('get_repo', repository=PUBLIC_REPO), + TestSpec(url_for('api.get_repo', repository=PUBLIC_REPO), 200, 200, 200,200), - TestSpec(url_for('get_repo', repository=ORG_REPO), + TestSpec(url_for('api.get_repo', repository=ORG_REPO), 403, 403, 200, 200), - TestSpec(url_for('get_repo', 
repository=PRIVATE_REPO), + TestSpec(url_for('api.get_repo', repository=PRIVATE_REPO), 403, 403, 200, 200), - TestSpec(url_for('get_repo_builds', repository=PUBLIC_REPO), + TestSpec(url_for('api.get_repo_builds', repository=PUBLIC_REPO), admin_code=403), - TestSpec(url_for('get_repo_builds', repository=ORG_REPO)), - TestSpec(url_for('get_repo_builds', repository=PRIVATE_REPO)), + TestSpec(url_for('api.get_repo_builds', repository=ORG_REPO)), + TestSpec(url_for('api.get_repo_builds', repository=PRIVATE_REPO)), - TestSpec(url_for('get_filedrop_url'), 401, 200, 200, + TestSpec(url_for('api.get_filedrop_url'), 401, 200, 200, 200).set_method('POST').set_data_from_obj(FILE_DROP_DETAILS), - (TestSpec(url_for('request_repo_build', repository=PUBLIC_REPO), + (TestSpec(url_for('api.request_repo_build', repository=PUBLIC_REPO), admin_code=403).set_method('POST') .set_data_from_obj(CREATE_BUILD_DETAILS)), - (TestSpec(url_for('request_repo_build', repository=ORG_REPO), + (TestSpec(url_for('api.request_repo_build', repository=ORG_REPO), admin_code=201).set_method('POST') .set_data_from_obj(CREATE_BUILD_DETAILS)), - (TestSpec(url_for('request_repo_build', repository=PRIVATE_REPO), + (TestSpec(url_for('api.request_repo_build', repository=PRIVATE_REPO), admin_code=201).set_method('POST') .set_data_from_obj(CREATE_BUILD_DETAILS)), - TestSpec(url_for('create_webhook', repository=PUBLIC_REPO), + TestSpec(url_for('api.create_webhook', repository=PUBLIC_REPO), admin_code=403).set_method('POST'), - TestSpec(url_for('create_webhook', + TestSpec(url_for('api.create_webhook', repository=ORG_REPO)).set_method('POST'), - TestSpec(url_for('create_webhook', + TestSpec(url_for('api.create_webhook', repository=PRIVATE_REPO)).set_method('POST'), - TestSpec(url_for('get_webhook', repository=PUBLIC_REPO, + TestSpec(url_for('api.get_webhook', repository=PUBLIC_REPO, public_id=FAKE_WEBHOOK), admin_code=403), - TestSpec(url_for('get_webhook', repository=ORG_REPO, + TestSpec(url_for('api.get_webhook', 
repository=ORG_REPO, public_id=FAKE_WEBHOOK), admin_code=400), - TestSpec(url_for('get_webhook', repository=PRIVATE_REPO, + TestSpec(url_for('api.get_webhook', repository=PRIVATE_REPO, public_id=FAKE_WEBHOOK), admin_code=400), - TestSpec(url_for('list_webhooks', repository=PUBLIC_REPO), admin_code=403), - TestSpec(url_for('list_webhooks', repository=ORG_REPO)), - TestSpec(url_for('list_webhooks', repository=PRIVATE_REPO)), + TestSpec(url_for('api.list_webhooks', repository=PUBLIC_REPO), + admin_code=403), + TestSpec(url_for('api.list_webhooks', repository=ORG_REPO)), + TestSpec(url_for('api.list_webhooks', repository=PRIVATE_REPO)), - TestSpec(url_for('delete_webhook', repository=PUBLIC_REPO, + TestSpec(url_for('api.delete_webhook', repository=PUBLIC_REPO, public_id=FAKE_WEBHOOK), admin_code=403).set_method('DELETE'), - TestSpec(url_for('delete_webhook', repository=ORG_REPO, + TestSpec(url_for('api.delete_webhook', repository=ORG_REPO, public_id=FAKE_WEBHOOK), admin_code=400).set_method('DELETE'), - TestSpec(url_for('delete_webhook', repository=PRIVATE_REPO, + TestSpec(url_for('api.delete_webhook', repository=PRIVATE_REPO, public_id=FAKE_WEBHOOK), admin_code=400).set_method('DELETE'), - TestSpec(url_for('list_repository_images', repository=PUBLIC_REPO), + TestSpec(url_for('api.list_repository_images', repository=PUBLIC_REPO), 200, 200, 200, 200), - TestSpec(url_for('list_repository_images', repository=ORG_REPO), + TestSpec(url_for('api.list_repository_images', repository=ORG_REPO), 403, 403, 200, 200), - TestSpec(url_for('list_repository_images', repository=PRIVATE_REPO), + TestSpec(url_for('api.list_repository_images', repository=PRIVATE_REPO), 403, 403, 200, 200), - TestSpec(url_for('get_image', repository=PUBLIC_REPO, + TestSpec(url_for('api.get_image', repository=PUBLIC_REPO, image_id=FAKE_IMAGE_ID), 404, 404, 404, 404), - TestSpec(url_for('get_image', repository=ORG_REPO, + TestSpec(url_for('api.get_image', repository=ORG_REPO, image_id=FAKE_IMAGE_ID), 403, 
403, 404, 404), - TestSpec(url_for('get_image', repository=PRIVATE_REPO, + TestSpec(url_for('api.get_image', repository=PRIVATE_REPO, image_id=FAKE_IMAGE_ID), 403, 403, 404, 404), - TestSpec(url_for('get_image_changes', repository=PUBLIC_REPO, + TestSpec(url_for('api.get_image_changes', repository=PUBLIC_REPO, image_id=FAKE_IMAGE_ID), 404, 404, 404, 404), - TestSpec(url_for('get_image_changes', repository=ORG_REPO, + TestSpec(url_for('api.get_image_changes', repository=ORG_REPO, image_id=FAKE_IMAGE_ID), 403, 403, 404, 404), - TestSpec(url_for('get_image_changes', repository=PRIVATE_REPO, + TestSpec(url_for('api.get_image_changes', repository=PRIVATE_REPO, image_id=FAKE_IMAGE_ID), 403, 403, 404, 404), - TestSpec(url_for('list_tag_images', repository=PUBLIC_REPO, + TestSpec(url_for('api.list_tag_images', repository=PUBLIC_REPO, tag=FAKE_TAG_NAME), 404, 404, 404, 404), - TestSpec(url_for('list_tag_images', repository=ORG_REPO, + TestSpec(url_for('api.list_tag_images', repository=ORG_REPO, tag=FAKE_TAG_NAME), 403, 403, 404, 404), - TestSpec(url_for('list_tag_images', repository=PRIVATE_REPO, + TestSpec(url_for('api.list_tag_images', repository=PRIVATE_REPO, tag=FAKE_TAG_NAME), 403, 403, 404, 404), - TestSpec(url_for('list_repo_team_permissions', repository=PUBLIC_REPO), + TestSpec(url_for('api.list_repo_team_permissions', repository=PUBLIC_REPO), admin_code=403), - TestSpec(url_for('list_repo_team_permissions', repository=ORG_REPO)), - TestSpec(url_for('list_repo_team_permissions', repository=PRIVATE_REPO)), + TestSpec(url_for('api.list_repo_team_permissions', repository=ORG_REPO)), + TestSpec(url_for('api.list_repo_team_permissions', + repository=PRIVATE_REPO)), - TestSpec(url_for('list_repo_user_permissions', repository=PUBLIC_REPO), + TestSpec(url_for('api.list_repo_user_permissions', repository=PUBLIC_REPO), admin_code=403), - TestSpec(url_for('list_repo_user_permissions', repository=ORG_REPO)), - TestSpec(url_for('list_repo_user_permissions', 
repository=PRIVATE_REPO)), + TestSpec(url_for('api.list_repo_user_permissions', repository=ORG_REPO)), + TestSpec(url_for('api.list_repo_user_permissions', + repository=PRIVATE_REPO)), - TestSpec(url_for('get_user_permissions', repository=PUBLIC_REPO, + TestSpec(url_for('api.get_user_permissions', repository=PUBLIC_REPO, username=FAKE_USERNAME), admin_code=403), - TestSpec(url_for('get_user_permissions', repository=ORG_REPO, + TestSpec(url_for('api.get_user_permissions', repository=ORG_REPO, username=FAKE_USERNAME), admin_code=400), - TestSpec(url_for('get_user_permissions', repository=PRIVATE_REPO, + TestSpec(url_for('api.get_user_permissions', repository=PRIVATE_REPO, username=FAKE_USERNAME), admin_code=400), - TestSpec(url_for('get_team_permissions', repository=PUBLIC_REPO, + TestSpec(url_for('api.get_team_permissions', repository=PUBLIC_REPO, teamname=ORG_OWNERS), admin_code=403), - TestSpec(url_for('get_team_permissions', repository=PUBLIC_REPO, + TestSpec(url_for('api.get_team_permissions', repository=PUBLIC_REPO, teamname=ORG_READERS), admin_code=403), - TestSpec(url_for('get_team_permissions', repository=ORG_REPO, + TestSpec(url_for('api.get_team_permissions', repository=ORG_REPO, teamname=ORG_OWNERS), admin_code=400), - TestSpec(url_for('get_team_permissions', repository=ORG_REPO, + TestSpec(url_for('api.get_team_permissions', repository=ORG_REPO, teamname=ORG_READERS)), - TestSpec(url_for('get_team_permissions', repository=PRIVATE_REPO, + TestSpec(url_for('api.get_team_permissions', repository=PRIVATE_REPO, teamname=ORG_OWNERS), admin_code=400), - TestSpec(url_for('get_team_permissions', repository=PRIVATE_REPO, + TestSpec(url_for('api.get_team_permissions', repository=PRIVATE_REPO, teamname=ORG_READERS), admin_code=400), - TestSpec(url_for('change_user_permissions', repository=PUBLIC_REPO, + TestSpec(url_for('api.change_user_permissions', repository=PUBLIC_REPO, username=FAKE_USERNAME), admin_code=403).set_method('PUT'), - 
TestSpec(url_for('change_user_permissions', repository=ORG_REPO, + TestSpec(url_for('api.change_user_permissions', repository=ORG_REPO, username=FAKE_USERNAME), admin_code=400).set_method('PUT'), - TestSpec(url_for('change_user_permissions', repository=PRIVATE_REPO, + TestSpec(url_for('api.change_user_permissions', repository=PRIVATE_REPO, username=FAKE_USERNAME), admin_code=400).set_method('PUT'), - (TestSpec(url_for('change_team_permissions', repository=PUBLIC_REPO, + (TestSpec(url_for('api.change_team_permissions', repository=PUBLIC_REPO, teamname=ORG_OWNERS), admin_code=403) .set_method('PUT') .set_data_from_obj(CHANGE_PERMISSION_DETAILS)), - (TestSpec(url_for('change_team_permissions', repository=PUBLIC_REPO, + (TestSpec(url_for('api.change_team_permissions', repository=PUBLIC_REPO, teamname=ORG_READERS), admin_code=403) .set_method('PUT') .set_data_from_obj(CHANGE_PERMISSION_DETAILS)), - (TestSpec(url_for('change_team_permissions', repository=ORG_REPO, + (TestSpec(url_for('api.change_team_permissions', repository=ORG_REPO, teamname=ORG_OWNERS)) .set_method('PUT') .set_data_from_obj(CHANGE_PERMISSION_DETAILS)), - (TestSpec(url_for('change_team_permissions', repository=ORG_REPO, + (TestSpec(url_for('api.change_team_permissions', repository=ORG_REPO, teamname=ORG_READERS)) .set_method('PUT') .set_data_from_obj(CHANGE_PERMISSION_DETAILS)), - (TestSpec(url_for('change_team_permissions', repository=PRIVATE_REPO, + (TestSpec(url_for('api.change_team_permissions', repository=PRIVATE_REPO, teamname=ORG_OWNERS), admin_code=400) .set_method('PUT') .set_data_from_obj(CHANGE_PERMISSION_DETAILS)), - (TestSpec(url_for('change_team_permissions', repository=PRIVATE_REPO, + (TestSpec(url_for('api.change_team_permissions', repository=PRIVATE_REPO, teamname=ORG_READERS), admin_code=400) .set_method('PUT') .set_data_from_obj(CHANGE_PERMISSION_DETAILS)), - TestSpec(url_for('delete_user_permissions', repository=PUBLIC_REPO, + TestSpec(url_for('api.delete_user_permissions', 
repository=PUBLIC_REPO, username=FAKE_USERNAME), admin_code=403).set_method('DELETE'), - TestSpec(url_for('delete_user_permissions', repository=ORG_REPO, + TestSpec(url_for('api.delete_user_permissions', repository=ORG_REPO, username=FAKE_USERNAME), admin_code=400).set_method('DELETE'), - TestSpec(url_for('delete_user_permissions', repository=PRIVATE_REPO, + TestSpec(url_for('api.delete_user_permissions', repository=PRIVATE_REPO, username=FAKE_USERNAME), admin_code=400).set_method('DELETE'), - TestSpec(url_for('delete_team_permissions', repository=PUBLIC_REPO, + TestSpec(url_for('api.delete_team_permissions', repository=PUBLIC_REPO, teamname=ORG_OWNERS), admin_code=403).set_method('DELETE'), - TestSpec(url_for('delete_team_permissions', repository=PUBLIC_REPO, + TestSpec(url_for('api.delete_team_permissions', repository=PUBLIC_REPO, teamname=ORG_READERS), admin_code=403).set_method('DELETE'), - TestSpec(url_for('delete_team_permissions', repository=ORG_REPO, + TestSpec(url_for('api.delete_team_permissions', repository=ORG_REPO, teamname=ORG_OWNERS), admin_code=400).set_method('DELETE'), - TestSpec(url_for('delete_team_permissions', repository=ORG_REPO, + TestSpec(url_for('api.delete_team_permissions', repository=ORG_REPO, teamname=ORG_READERS), admin_code=204).set_method('DELETE'), - TestSpec(url_for('delete_team_permissions', repository=PRIVATE_REPO, + TestSpec(url_for('api.delete_team_permissions', repository=PRIVATE_REPO, teamname=ORG_OWNERS), admin_code=400).set_method('DELETE'), - TestSpec(url_for('delete_team_permissions', repository=PRIVATE_REPO, + TestSpec(url_for('api.delete_team_permissions', repository=PRIVATE_REPO, teamname=ORG_READERS), admin_code=400).set_method('DELETE'), - TestSpec(url_for('list_repo_tokens', repository=PUBLIC_REPO), + TestSpec(url_for('api.list_repo_tokens', repository=PUBLIC_REPO), admin_code=403), - TestSpec(url_for('list_repo_tokens', repository=ORG_REPO)), - TestSpec(url_for('list_repo_tokens', repository=PRIVATE_REPO)), + 
TestSpec(url_for('api.list_repo_tokens', repository=ORG_REPO)), + TestSpec(url_for('api.list_repo_tokens', repository=PRIVATE_REPO)), - TestSpec(url_for('get_tokens', repository=PUBLIC_REPO, code=FAKE_TOKEN), - admin_code=403), - TestSpec(url_for('get_tokens', repository=ORG_REPO, code=FAKE_TOKEN), - admin_code=400), - TestSpec(url_for('get_tokens', repository=PRIVATE_REPO, code=FAKE_TOKEN), + TestSpec(url_for('api.get_tokens', repository=PUBLIC_REPO, + code=FAKE_TOKEN), admin_code=403), + TestSpec(url_for('api.get_tokens', repository=ORG_REPO, code=FAKE_TOKEN), admin_code=400), + TestSpec(url_for('api.get_tokens', repository=PRIVATE_REPO, + code=FAKE_TOKEN), admin_code=400), - TestSpec(url_for('create_token', repository=PUBLIC_REPO), + TestSpec(url_for('api.create_token', repository=PUBLIC_REPO), admin_code=403).set_method('POST'), - (TestSpec(url_for('create_token', repository=ORG_REPO), + (TestSpec(url_for('api.create_token', repository=ORG_REPO), admin_code=201).set_method('POST') .set_data_from_obj(CREATE_TOKEN_DETAILS)), - (TestSpec(url_for('create_token', repository=PRIVATE_REPO), + (TestSpec(url_for('api.create_token', repository=PRIVATE_REPO), admin_code=201).set_method('POST') .set_data_from_obj(CREATE_TOKEN_DETAILS)), - TestSpec(url_for('change_token', repository=PUBLIC_REPO, code=FAKE_TOKEN), - admin_code=403).set_method('PUT'), - TestSpec(url_for('change_token', repository=ORG_REPO, code=FAKE_TOKEN), + TestSpec(url_for('api.change_token', repository=PUBLIC_REPO, + code=FAKE_TOKEN), admin_code=403).set_method('PUT'), + TestSpec(url_for('api.change_token', repository=ORG_REPO, code=FAKE_TOKEN), admin_code=400).set_method('PUT'), - TestSpec(url_for('change_token', repository=PRIVATE_REPO, + TestSpec(url_for('api.change_token', repository=PRIVATE_REPO, code=FAKE_TOKEN), admin_code=400).set_method('PUT'), - TestSpec(url_for('delete_token', repository=PUBLIC_REPO, code=FAKE_TOKEN), - admin_code=403).set_method('DELETE'), - TestSpec(url_for('delete_token', 
repository=ORG_REPO, code=FAKE_TOKEN), + TestSpec(url_for('api.delete_token', repository=PUBLIC_REPO, + code=FAKE_TOKEN), admin_code=403).set_method('DELETE'), + TestSpec(url_for('api.delete_token', repository=ORG_REPO, code=FAKE_TOKEN), admin_code=400).set_method('DELETE'), - TestSpec(url_for('delete_token', repository=PRIVATE_REPO, + TestSpec(url_for('api.delete_token', repository=PRIVATE_REPO, code=FAKE_TOKEN), admin_code=400).set_method('DELETE'), - TestSpec(url_for('update_user_subscription'), 401, 400, 400, 400).set_method('PUT'), + TestSpec(url_for('api.update_user_subscription'), + 401, 400, 400, 400).set_method('PUT'), - TestSpec(url_for('update_org_subscription', orgname=ORG), + TestSpec(url_for('api.update_org_subscription', orgname=ORG), 401, 403, 403, 400).set_method('PUT'), - TestSpec(url_for('get_user_subscription'), 401, 200, 200, 200), + TestSpec(url_for('api.get_user_subscription'), 401, 200, 200, 200), - TestSpec(url_for('get_org_subscription', orgname=ORG)), + TestSpec(url_for('api.get_org_subscription', orgname=ORG)), - TestSpec(url_for('list_repo_logs', repository=PUBLIC_REPO), admin_code=403), - TestSpec(url_for('list_repo_logs', repository=ORG_REPO)), - TestSpec(url_for('list_repo_logs', repository=PRIVATE_REPO)), + TestSpec(url_for('api.list_repo_logs', repository=PUBLIC_REPO), + admin_code=403), + TestSpec(url_for('api.list_repo_logs', repository=ORG_REPO)), + TestSpec(url_for('api.list_repo_logs', repository=PRIVATE_REPO)), - TestSpec(url_for('list_org_logs', orgname=ORG)), + TestSpec(url_for('api.list_org_logs', orgname=ORG)), ] 
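Review bot: Nothing in `build_specs()` ties this hand-written list to the routes actually registered on the `api` blueprint, so an endpoint added later without a matching `TestSpec` would go untested by this authorization matrix while the suite still passes (unless a coverage check exists outside this diff). Now that endpoint names carry the blueprint prefix, a companion test could walk `app.url_map.iter_rules()`, keep the rules whose `endpoint` starts with `'api.'`, and fail when one has no spec. The same applies to `build_index_specs()` in the next hunk for the `registry.`, `index.` and `tags.` endpoints. Each spec would need to record the endpoint name it was built from, which is not visible here, so this is a follow-up rather than a change to the list itself.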
@@ -460,120 +466,132 @@ class IndexTestSpec(object): def build_index_specs(): return [ - IndexTestSpec(url_for('get_image_layer', image_id=FAKE_IMAGE_ID), + IndexTestSpec(url_for('registry.get_image_layer', image_id=FAKE_IMAGE_ID), PUBLIC_REPO, 200, 200, 200, 200), - IndexTestSpec(url_for('get_image_layer', image_id=FAKE_IMAGE_ID), + IndexTestSpec(url_for('registry.get_image_layer', image_id=FAKE_IMAGE_ID), PRIVATE_REPO), - IndexTestSpec(url_for('get_image_layer', image_id=FAKE_IMAGE_ID), + IndexTestSpec(url_for('registry.get_image_layer', image_id=FAKE_IMAGE_ID), ORG_REPO), - IndexTestSpec(url_for('put_image_layer', image_id=FAKE_IMAGE_ID), + IndexTestSpec(url_for('registry.put_image_layer', image_id=FAKE_IMAGE_ID), PUBLIC_REPO, 403, 403, 403, 403).set_method('PUT'), - IndexTestSpec(url_for('put_image_layer', image_id=FAKE_IMAGE_ID), + IndexTestSpec(url_for('registry.put_image_layer', image_id=FAKE_IMAGE_ID), PRIVATE_REPO, 403, 403, 403, 404).set_method('PUT'), - IndexTestSpec(url_for('put_image_layer', image_id=FAKE_IMAGE_ID), + IndexTestSpec(url_for('registry.put_image_layer', image_id=FAKE_IMAGE_ID), ORG_REPO, 403, 403, 403, 404).set_method('PUT'), - IndexTestSpec(url_for('put_image_checksum', image_id=FAKE_IMAGE_ID), + IndexTestSpec(url_for('registry.put_image_checksum', + image_id=FAKE_IMAGE_ID), PUBLIC_REPO, 403, 403, 403, 403).set_method('PUT'), - IndexTestSpec(url_for('put_image_checksum', image_id=FAKE_IMAGE_ID), + IndexTestSpec(url_for('registry.put_image_checksum', + image_id=FAKE_IMAGE_ID), PRIVATE_REPO, 403, 403, 403, 400).set_method('PUT'), - IndexTestSpec(url_for('put_image_checksum', image_id=FAKE_IMAGE_ID), + IndexTestSpec(url_for('registry.put_image_checksum', + image_id=FAKE_IMAGE_ID), ORG_REPO, 403, 403, 403, 400).set_method('PUT'), - IndexTestSpec(url_for('get_image_json', image_id=FAKE_IMAGE_ID), + IndexTestSpec(url_for('registry.get_image_json', image_id=FAKE_IMAGE_ID), PUBLIC_REPO, 404, 404, 404, 404), - 
IndexTestSpec(url_for('get_image_json', image_id=FAKE_IMAGE_ID), + IndexTestSpec(url_for('registry.get_image_json', image_id=FAKE_IMAGE_ID), PRIVATE_REPO, 403, 403, 404, 404), - IndexTestSpec(url_for('get_image_json', image_id=FAKE_IMAGE_ID), + IndexTestSpec(url_for('registry.get_image_json', image_id=FAKE_IMAGE_ID), ORG_REPO, 403, 403, 404, 404), - IndexTestSpec(url_for('get_image_ancestry', image_id=FAKE_IMAGE_ID), + IndexTestSpec(url_for('registry.get_image_ancestry', + image_id=FAKE_IMAGE_ID), PUBLIC_REPO, 404, 404, 404, 404), - IndexTestSpec(url_for('get_image_ancestry', image_id=FAKE_IMAGE_ID), + IndexTestSpec(url_for('registry.get_image_ancestry', + image_id=FAKE_IMAGE_ID), PRIVATE_REPO, 403, 403, 404, 404), - IndexTestSpec(url_for('get_image_ancestry', image_id=FAKE_IMAGE_ID), + IndexTestSpec(url_for('registry.get_image_ancestry', + image_id=FAKE_IMAGE_ID), ORG_REPO, 403, 403, 404, 404), - IndexTestSpec(url_for('put_image_json', image_id=FAKE_IMAGE_ID), + IndexTestSpec(url_for('registry.put_image_json', image_id=FAKE_IMAGE_ID), PUBLIC_REPO, 403, 403, 403, 403).set_method('PUT'), - IndexTestSpec(url_for('put_image_json', image_id=FAKE_IMAGE_ID), + IndexTestSpec(url_for('registry.put_image_json', image_id=FAKE_IMAGE_ID), PRIVATE_REPO, 403, 403, 403, 400).set_method('PUT'), - IndexTestSpec(url_for('put_image_json', image_id=FAKE_IMAGE_ID), + IndexTestSpec(url_for('registry.put_image_json', image_id=FAKE_IMAGE_ID), ORG_REPO, 403, 403, 403, 400).set_method('PUT'), - IndexTestSpec(url_for('create_user'), NO_REPO, 201, 201, 201, + IndexTestSpec(url_for('index.create_user'), NO_REPO, 201, 201, 201, 201).set_method('POST').set_data_from_obj(NEW_USER_DETAILS), - IndexTestSpec(url_for('get_user'), NO_REPO, 404, 200, 200, 200), + IndexTestSpec(url_for('index.get_user'), NO_REPO, 404, 200, 200, 200), - IndexTestSpec(url_for('update_user', username=FAKE_USERNAME), + IndexTestSpec(url_for('index.update_user', username=FAKE_USERNAME), NO_REPO, 403, 403, 403, 
403).set_method('PUT'), - IndexTestSpec(url_for('create_repository', repository=PUBLIC_REPO), + IndexTestSpec(url_for('index.create_repository', repository=PUBLIC_REPO), NO_REPO, 403, 403, 403, 403).set_method('PUT'), - IndexTestSpec(url_for('create_repository', repository=PRIVATE_REPO), + IndexTestSpec(url_for('index.create_repository', repository=PRIVATE_REPO), NO_REPO, 403, 403, 403, 201).set_method('PUT'), - IndexTestSpec(url_for('create_repository', repository=ORG_REPO), + IndexTestSpec(url_for('index.create_repository', repository=ORG_REPO), NO_REPO, 403, 403, 403, 201).set_method('PUT'), - IndexTestSpec(url_for('update_images', repository=PUBLIC_REPO), NO_REPO, - 403, 403, 403, 403).set_method('PUT'), - IndexTestSpec(url_for('update_images', repository=PRIVATE_REPO), NO_REPO, - 403, 403, 403, 204).set_method('PUT'), - IndexTestSpec(url_for('update_images', repository=ORG_REPO), NO_REPO, + IndexTestSpec(url_for('index.update_images', repository=PUBLIC_REPO), + NO_REPO, 403, 403, 403, 403).set_method('PUT'), + IndexTestSpec(url_for('index.update_images', repository=PRIVATE_REPO), + NO_REPO, 403, 403, 403, 204).set_method('PUT'), + IndexTestSpec(url_for('index.update_images', repository=ORG_REPO), NO_REPO, 403, 403, 403, 204).set_method('PUT'), - IndexTestSpec(url_for('get_repository_images', repository=PUBLIC_REPO), + IndexTestSpec(url_for('index.get_repository_images', + repository=PUBLIC_REPO), NO_REPO, 200, 200, 200, 200), - IndexTestSpec(url_for('get_repository_images', repository=PRIVATE_REPO)), - IndexTestSpec(url_for('get_repository_images', repository=ORG_REPO)), + IndexTestSpec(url_for('index.get_repository_images', + repository=PRIVATE_REPO)), + IndexTestSpec(url_for('index.get_repository_images', repository=ORG_REPO)), - IndexTestSpec(url_for('delete_repository_images', repository=PUBLIC_REPO), + IndexTestSpec(url_for('index.delete_repository_images', + repository=PUBLIC_REPO), NO_REPO, 501, 501, 501, 501).set_method('DELETE'), - 
IndexTestSpec(url_for('put_repository_auth', repository=PUBLIC_REPO), + IndexTestSpec(url_for('index.put_repository_auth', repository=PUBLIC_REPO), NO_REPO, 501, 501, 501, 501).set_method('PUT'), - IndexTestSpec(url_for('get_search'), NO_REPO, 501, 501, 501, 501), + IndexTestSpec(url_for('index.get_search'), NO_REPO, 501, 501, 501, 501), - IndexTestSpec(url_for('ping'), NO_REPO, 200, 200, 200, 200), + IndexTestSpec(url_for('index.ping'), NO_REPO, 200, 200, 200, 200), - IndexTestSpec(url_for('get_tags', repository=PUBLIC_REPO), NO_REPO, + IndexTestSpec(url_for('tags.get_tags', repository=PUBLIC_REPO), NO_REPO, 200, 200, 200, 200), - IndexTestSpec(url_for('get_tags', repository=PRIVATE_REPO)), - IndexTestSpec(url_for('get_tags', repository=ORG_REPO)), + IndexTestSpec(url_for('tags.get_tags', repository=PRIVATE_REPO)), + IndexTestSpec(url_for('tags.get_tags', repository=ORG_REPO)), - IndexTestSpec(url_for('get_tag', repository=PUBLIC_REPO, + IndexTestSpec(url_for('tags.get_tag', repository=PUBLIC_REPO, tag=FAKE_TAG_NAME), NO_REPO, 400, 400, 400, 400), - IndexTestSpec(url_for('get_tag', repository=PRIVATE_REPO, + IndexTestSpec(url_for('tags.get_tag', repository=PRIVATE_REPO, tag=FAKE_TAG_NAME), NO_REPO, 403, 403, 400, 400), - IndexTestSpec(url_for('get_tag', repository=ORG_REPO, + IndexTestSpec(url_for('tags.get_tag', repository=ORG_REPO, tag=FAKE_TAG_NAME), NO_REPO, 403, 403, 400, 400), - IndexTestSpec(url_for('put_tag', repository=PUBLIC_REPO, + IndexTestSpec(url_for('tags.put_tag', repository=PUBLIC_REPO, tag=FAKE_TAG_NAME), NO_REPO, 403, 403, 403, 403).set_method('PUT'), - IndexTestSpec(url_for('put_tag', repository=PRIVATE_REPO, + IndexTestSpec(url_for('tags.put_tag', repository=PRIVATE_REPO, tag=FAKE_TAG_NAME), NO_REPO, 403, 403, 403, 400).set_method('PUT'), - IndexTestSpec(url_for('put_tag', repository=ORG_REPO, tag=FAKE_TAG_NAME), + IndexTestSpec(url_for('tags.put_tag', repository=ORG_REPO, + tag=FAKE_TAG_NAME), NO_REPO, 403, 403, 403, 400).set_method('PUT'), - 
IndexTestSpec(url_for('delete_tag', repository=PUBLIC_REPO, + IndexTestSpec(url_for('tags.delete_tag', repository=PUBLIC_REPO, tag=FAKE_TAG_NAME), NO_REPO, 403, 403, 403, 403).set_method('DELETE'), - IndexTestSpec(url_for('delete_tag', repository=PRIVATE_REPO, + IndexTestSpec(url_for('tags.delete_tag', repository=PRIVATE_REPO, tag=FAKE_TAG_NAME), NO_REPO, 403, 403, 403, 400).set_method('DELETE'), - IndexTestSpec(url_for('delete_tag', repository=ORG_REPO, + IndexTestSpec(url_for('tags.delete_tag', repository=ORG_REPO, tag=FAKE_TAG_NAME), NO_REPO, 403, 403, 403, 400).set_method('DELETE'), - IndexTestSpec(url_for('delete_repository_tags', repository=PUBLIC_REPO), + IndexTestSpec(url_for('tags.delete_repository_tags', + repository=PUBLIC_REPO), NO_REPO, 403, 403, 403, 403).set_method('DELETE'), - IndexTestSpec(url_for('delete_repository_tags', repository=PRIVATE_REPO), + IndexTestSpec(url_for('tags.delete_repository_tags', + repository=PRIVATE_REPO), NO_REPO, 403, 403, 403, 204).set_method('DELETE'), - IndexTestSpec(url_for('delete_repository_tags', repository=ORG_REPO), + IndexTestSpec(url_for('tags.delete_repository_tags', repository=ORG_REPO), NO_REPO, 403, 403, 403, 204).set_method('DELETE'), ] diff --git a/test/test_api_security.py b/test/test_api_security.py index 49a5bc8a5..0c68fcd6f 100644 --- a/test/test_api_security.py +++ b/test/test_api_security.py @@ -1,13 +1,14 @@ import unittest -import json - -import endpoints.api +from endpoints.api import api from app import app from initdb import wipe_database, initialize_database, populate_database from specs import build_specs +app.register_blueprint(api, url_prefix='/api') + + NO_ACCESS_USER = 'freshuser' READ_ACCESS_USER = 'reader' ADMIN_ACCESS_USER = 'devtable' diff --git a/test/test_endpoint_security.py b/test/test_endpoint_security.py index e762ec5ea..d810b96eb 100644 --- a/test/test_endpoint_security.py +++ b/test/test_endpoint_security.py 
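Review bot: The module-level `app.register_blueprint(api, url_prefix='/api')` wires the blueprint inside the test file, so these authorization tests run against routing assembled by the test rather than by whatever code registers blueprints for the deployed application. If the real registration uses a different prefix or attaches hooks around it, the expected-status matrix can pass while production behaves differently; test/test_endpoint_security.py does the same with three blueprints under `'/v1'`. I would move the registration into one shared function that both the application entry point and the tests call, or at least add `# Keep prefix in sync with the production blueprint registration.` above the call. Separately, the hunk drops `import json`; the rest of the module is outside the hunk, so confirm nothing below still uses `json`.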
@@ -1,13 +1,17 @@ import unittest -import endpoints.registry -import endpoints.index -import endpoints.tags - from app import app from util.names import parse_namespace_repository from initdb import wipe_database, initialize_database, populate_database from specs import build_index_specs +from endpoints.registry import registry +from endpoints.index import index +from endpoints.tags import tags + + +app.register_blueprint(index, url_prefix='/v1') +app.register_blueprint(tags, url_prefix='/v1') +app.register_blueprint(registry, url_prefix='/v1') NO_ACCESS_USER = 'freshuser'