Add some tests to make sure our docker API is properly respecting auth.

2013-11-07 17:10:57 -05:00 · 2013-11-07 17:10:57 -05:00 · 8a738c2bf9
commit 8a738c2bf9
parent 05ccd4e793
5 changed files with 278 additions and 15 deletions
--- a/test/test_api_security.py
+++ b/test/test_api_security.py
@ -4,7 +4,6 @@ import json
 import endpoints.api

 from app import app
-from data import model
 from initdb import wipe_database, initialize_database, populate_database
 from specs import build_specs

@ -21,7 +20,7 @@ class ApiTestCase(unittest.TestCase):
    populate_database()


-class SpecTestBuilder(type):
+class _SpecTestBuilder(type):
  @staticmethod
  def _test_generator(url, expected_status, open_kwargs, auth_username=None):
    def test(self):
@ -42,8 +41,6 @@ class SpecTestBuilder(type):
        rv = c.open(url, **open_kwargs)
        msg = '%s %s: %s expected: %s' % (open_kwargs['method'], url,
                                          rv.status_code, expected_status)
-        if rv.status_code != expected_status:
-          print msg
        self.assertEqual(rv.status_code, expected_status, msg)   
    return test

@ -54,9 +51,9 @@ class SpecTestBuilder(type):
      for test_spec in specs:
        url, open_kwargs = test_spec.get_client_args()
        expected_status = getattr(test_spec, attrs['result_attr'])
-        test = SpecTestBuilder._test_generator(url, expected_status,
-                                               open_kwargs,
-                                               attrs['auth_username'])
+        test = _SpecTestBuilder._test_generator(url, expected_status,
+                                                open_kwargs,
+                                                attrs['auth_username'])

        test_name_url = url.replace('/', '_').replace('-', '_')
        test_name = 'test_%s_%s' % (open_kwargs['method'].lower(),
@ -67,28 +64,28 @@ class SpecTestBuilder(type):


 class TestAnonymousAccess(ApiTestCase):
-  __metaclass__ = SpecTestBuilder
+  __metaclass__ = _SpecTestBuilder
  spec_func = build_specs
  result_attr = 'anon_code'
  auth_username = None


 class TestNoAccess(ApiTestCase):
-  __metaclass__ = SpecTestBuilder
+  __metaclass__ = _SpecTestBuilder
  spec_func = build_specs
  result_attr = 'no_access_code'
  auth_username = NO_ACCESS_USER


 class TestReadAccess(ApiTestCase):
-  __metaclass__ = SpecTestBuilder
+  __metaclass__ = _SpecTestBuilder
  spec_func = build_specs
  result_attr = 'read_code'
  auth_username = READ_ACCESS_USER


 class TestAdminAccess(ApiTestCase):
-  __metaclass__ = SpecTestBuilder
+  __metaclass__ = _SpecTestBuilder
  spec_func = build_specs
  result_attr = 'admin_code'
  auth_username = ADMIN_ACCESS_USER