Merge pull request #3138 from quay/pytest-api-security
Fully migrate API security tests into the pytest test suite
commit
8d6946bd9e
7 changed files with 1340 additions and 4493 deletions
|
@ -38,16 +38,17 @@ def test_lookup_userfile(app, client):
|
|||
storage_mock.stream_read_file = _stream_read_file
|
||||
|
||||
app.config['USERFILES_PATH'] = 'foo'
|
||||
Userfiles(app, distributed_storage=storage_mock)
|
||||
Userfiles(app, distributed_storage=storage_mock, path='mockuserfiles',
|
||||
handler_name='mockuserfiles')
|
||||
|
||||
rv = client.open('/userfiles/' + uuid, method='GET')
|
||||
rv = client.open('/mockuserfiles/' + uuid, method='GET')
|
||||
assert rv.status_code == 200
|
||||
|
||||
rv = client.open('/userfiles/' + upper_uuid, method='GET')
|
||||
rv = client.open('/mockuserfiles/' + upper_uuid, method='GET')
|
||||
assert rv.status_code == 200
|
||||
|
||||
rv = client.open('/userfiles/' + bad_uuid, method='GET')
|
||||
rv = client.open('/mockuserfiles/' + bad_uuid, method='GET')
|
||||
assert rv.status_code == 404
|
||||
|
||||
rv = client.open('/userfiles/foo/bar/baz', method='GET')
|
||||
rv = client.open('/mockuserfiles/foo/bar/baz', method='GET')
|
||||
assert rv.status_code == 404
|
||||
|
|
|
@ -128,23 +128,23 @@ class DelegateUserfiles(object):
|
|||
|
||||
|
||||
class Userfiles(object):
|
||||
def __init__(self, app=None, distributed_storage=None):
|
||||
def __init__(self, app=None, distributed_storage=None, path='userfiles',
|
||||
handler_name='userfiles_handler'):
|
||||
self.app = app
|
||||
if app is not None:
|
||||
self.state = self.init_app(app, distributed_storage)
|
||||
self.state = self.init_app(app, distributed_storage, path=path, handler_name=handler_name)
|
||||
else:
|
||||
self.state = None
|
||||
|
||||
def init_app(self, app, distributed_storage):
|
||||
def init_app(self, app, distributed_storage, path='userfiles', handler_name='userfiles_handler'):
|
||||
location = app.config.get('USERFILES_LOCATION')
|
||||
path = app.config.get('USERFILES_PATH', None)
|
||||
userfiles_path = app.config.get('USERFILES_PATH', None)
|
||||
|
||||
if path is not None:
|
||||
handler_name = 'userfiles_handlers'
|
||||
userfiles = DelegateUserfiles(app, distributed_storage, location, path,
|
||||
if userfiles_path is not None:
|
||||
userfiles = DelegateUserfiles(app, distributed_storage, location, userfiles_path,
|
||||
handler_name=handler_name)
|
||||
|
||||
app.add_url_rule('/userfiles/<regex("[0-9a-zA-Z-]+"):file_id>',
|
||||
app.add_url_rule('/%s/<regex("[0-9a-zA-Z-]+"):file_id>' % path,
|
||||
view_func=UserfilesHandlers.as_view(handler_name,
|
||||
distributed_storage=distributed_storage,
|
||||
location=location,
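Review bot: The default `handler_name` is now `'userfiles_handler'`, while the removed line hard-coded `'userfiles_handlers'`, so the Flask endpoint name registered by `add_url_rule` changes for every caller that does not pass the argument. The same name is handed to `DelegateUserfiles`, so the two stay in step, but any lookup elsewhere that still uses the old endpoint name would stop resolving; if the rename is not intended, keep `handler_name='userfiles_handlers'` as the default in both `__init__` and `init_app`. Separately, `path` is formatted straight into the rule string for a route that appears to serve stored user files, and it sits next to the unrelated `USERFILES_PATH` storage setting, so a docstring stating that `path` is a single URL segment without slashes would help. The `add_url_rule` call continues past the end of the hunk.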
|
||||
|
|
File diff suppressed because it is too large
|
@ -14,11 +14,11 @@ CSRF_TOKEN = '123csrfforme'
|
|||
@contextmanager
|
||||
def client_with_identity(auth_username, client):
|
||||
with client.session_transaction() as sess:
|
||||
sess[CSRF_TOKEN_KEY] = CSRF_TOKEN
|
||||
if auth_username and auth_username is not None:
|
||||
loaded = model.user.get_user(auth_username)
|
||||
sess['user_id'] = loaded.uuid
|
||||
sess['login_time'] = datetime.datetime.now()
|
||||
sess[CSRF_TOKEN_KEY] = CSRF_TOKEN
|
||||
else:
|
||||
sess['user_id'] = 'anonymous'
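Review bot: Only one of the two `sess[CSRF_TOKEN_KEY] = CSRF_TOKEN` lines exists after this change, and the rendered page no longer shows which; if it is the one inside the `if auth_username` branch, anonymous sessions are created without a CSRF token. In that case a mutating request made as anonymous could be rejected by the CSRF check before it reaches the permission check, and a security test asserting a denial status would pass without exercising authorization; this is worth confirming against the app's CSRF handling, which is not visible here. Independently, `if auth_username and auth_username is not None:` is redundant (`if auth_username:` is equivalent), and `loaded.uuid` assumes `model.user.get_user` found the user; a line such as `assert loaded is not None, auth_username` would make a mistyped fixture username fail clearly. The function body continues outside the hunk.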
|
||||
|
||||
|
|
|
@ -7,6 +7,7 @@ import shutil
|
|||
from flask import Flask, jsonify
|
||||
from flask_login import LoginManager
|
||||
from flask_principal import identity_loaded, Permission, Identity, identity_changed, Principal
|
||||
from flask_mail import Mail
|
||||
from peewee import SqliteDatabase, savepoint, InternalError
|
||||
|
||||
from app import app as application
|
||||
|
@ -14,6 +15,7 @@ from auth.permissions import on_identity_loaded
|
|||
from data import model
|
||||
from data.database import close_db_filter, db, configure
|
||||
from data.model.user import LoginWrappedDBUser
|
||||
from data.userfiles import Userfiles
|
||||
from endpoints.api import api_bp
|
||||
from endpoints.appr import appr_bp
|
||||
from endpoints.web import web
|
||||
|
@ -124,6 +126,9 @@ def appconfig(database_uri):
|
|||
"DATA_MODEL_CACHE_CONFIG": {
|
||||
'engine': 'inmemory',
|
||||
},
|
||||
"USERFILES_PATH": "userfiles/",
|
||||
"MAIL_SERVER": "",
|
||||
"MAIL_DEFAULT_SENDER": 'support@quay.io',
|
||||
}
|
||||
return conf
|
||||
|
||||
|
@ -192,4 +197,8 @@ def app(appconfig, initialized_db):
|
|||
app.register_blueprint(webhooks, url_prefix='/webhooks')
|
||||
|
||||
app.config.update(appconfig)
|
||||
|
||||
Userfiles(app)
|
||||
Mail(app)
|
||||
|
||||
return app
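Review bot: `Userfiles(app)` in the `app` fixture is called without `distributed_storage`, so with `USERFILES_PATH` now set in `appconfig` the userfiles view is registered with `distributed_storage=None` (per the `Userfiles.init_app` change in this commit). That may be enough if the goal is only for userfiles URLs to resolve, but a test request that actually reaches the handler would presumably fail on the missing storage instead of returning a meaningful status. Either pass a stub storage here or add a comment such as `# registered only so userfiles URLs resolve; no storage backend in tests`. The `app` fixture starts above this hunk.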
|
||||
|
|
File diff suppressed because it is too large
|
@ -42,6 +42,7 @@ class TestConfig(DefaultConfig):
|
|||
BUILDLOGS_OPTIONS = ['devtable', 'building', 'deadbeef-dead-beef-dead-beefdeadbeef', False]
|
||||
|
||||
USERFILES_LOCATION = 'local_us'
|
||||
USERFILES_PATH= "userfiles/"
|
||||
|
||||
FEATURE_SUPER_USERS = True
|
||||
FEATURE_BILLING = True
|
||||
|
|