Add tests for the new super user config API and make sure both super user API endpoint sets are all guarded against being used in production

2015-01-08 12:53:36 -05:00 · 2015-01-08 12:53:36 -05:00 · 7933bd44fd
commit 7933bd44fd
parent 575d4c5062
4 changed files with 224 additions and 15 deletions
--- a/endpoints/api/superuser.py
+++ b/endpoints/api/superuser.py
@ -10,7 +10,7 @@ from flask import request
 from endpoints.api import (ApiResource, nickname, resource, validate_json_request, request_error,
                           log_action, internal_only, NotFound, require_user_admin, format_date,
                           InvalidToken, require_scope, format_date, hide_if, show_if, parse_args,
-                           query_param, abort, require_fresh_login, path_param)
+                           query_param, abort, require_fresh_login, path_param, verify_not_prod)

 from endpoints.api.logs import get_logs

@ -38,6 +38,7 @@ def get_services():
 class SuperUserGetLogsForService(ApiResource):
  """ Resource for fetching the kinds of system logs in the system. """
  @require_fresh_login
+  @verify_not_prod
  @nickname('getSystemLogs')
  def get(self, service):
    """ Returns the logs for the specific service. """
@ -65,6 +66,7 @@ class SuperUserGetLogsForService(ApiResource):
 class SuperUserSystemLogServices(ApiResource):
  """ Resource for fetching the kinds of system logs in the system. """
  @require_fresh_login
+  @verify_not_prod
  @nickname('listSystemLogServices')
  def get(self):
    """ List the system logs for the current system. """
@ -83,6 +85,7 @@ class SuperUserSystemLogServices(ApiResource):
 class SuperUserLogs(ApiResource):
  """ Resource for fetching all logs in the system. """
  @require_fresh_login
+  @verify_not_prod
  @nickname('listAllLogs')
  @parse_args
  @query_param('starttime', 'Earliest time from which to get logs. (%m/%d/%Y %Z)', type=str)
@ -115,6 +118,7 @@ def user_view(user):
 class UsageInformation(ApiResource):
  """ Resource for returning the usage information for enterprise customers. """
  @require_fresh_login
+  @verify_not_prod
  @nickname('getSystemUsage')
  def get(self):
    """ Returns the number of repository handles currently held. """
@ -153,6 +157,7 @@ class SuperUserList(ApiResource):
  }

  @require_fresh_login
+  @verify_not_prod
  @nickname('listAllUsers')
  def get(self):
    """ Returns a list of all users in the system. """
@ -166,6 +171,7 @@ class SuperUserList(ApiResource):


  @require_fresh_login
+  @verify_not_prod
  @nickname('createInstallUser')
  @validate_json_request('CreateInstallUser')
  def post(self):
@ -203,6 +209,7 @@ class SuperUserList(ApiResource):
 class SuperUserSendRecoveryEmail(ApiResource):
  """ Resource for sending a recovery user on behalf of a user. """
  @require_fresh_login
+  @verify_not_prod
  @nickname('sendInstallUserRecoveryEmail')
  def post(self, username):
    if SuperUserPermission().can():
@ -247,6 +254,7 @@ class SuperUserManagement(ApiResource):
  }

  @require_fresh_login
+  @verify_not_prod
  @nickname('getInstallUser')
  def get(self, username):
    """ Returns information about the specified user. """
@ -260,6 +268,7 @@ class SuperUserManagement(ApiResource):
    abort(403)

  @require_fresh_login
+  @verify_not_prod
  @nickname('deleteInstallUser')
  def delete(self, username):
    """ Deletes the specified user. """
@ -277,6 +286,7 @@ class SuperUserManagement(ApiResource):
    abort(403)

  @require_fresh_login
+  @verify_not_prod
  @nickname('changeInstallUser')
  @validate_json_request('UpdateUser')
  def put(self, username):