Add ability for users to see their authorized applications and revoke the access

2014-03-24 20:57:02 -04:00 · 2014-03-24 20:57:02 -04:00 · c82d1ffe98
commit c82d1ffe98
parent e92cf37583
10 changed files with 262 additions and 3 deletions
--- a/test/test_api_usage.py
+++ b/test/test_api_usage.py
@ -18,7 +18,9 @@ from endpoints.api.trigger import (BuildTriggerActivate, BuildTriggerSources, Bu
                                   TriggerBuildList, ActivateBuildTrigger, BuildTrigger,
                                   BuildTriggerList)
 from endpoints.api.webhook import Webhook, WebhookList
-from endpoints.api.user import PrivateRepositories, ConvertToOrganization, Signout, Signin, User
+from endpoints.api.user import (PrivateRepositories, ConvertToOrganization, Signout, Signin, User,
+                                UserAuthorizationList, UserAuthorization)
+
 from endpoints.api.repotoken import RepositoryToken, RepositoryTokenList
 from endpoints.api.prototype import PermissionPrototype, PermissionPrototypeList
 from endpoints.api.logs import UserLogs, OrgLogs
@ -1624,5 +1626,32 @@ class TestBuildTriggers(ApiTestCase):
    self.assertEquals("build-name", start_json['display_name'])
    self.assertEquals(['bar'], start_json['job_config']['docker_tags'])

+
+
+class TestUserAuthorizations(ApiTestCase):
+  def test_list_get_delete_user_authorizations(self):
+    self.login(ADMIN_ACCESS_USER)
+
+    json = self.getJsonResponse(UserAuthorizationList)
+        
+    self.assertEquals(1, len(json['authorizations']))
+
+    authorization = json['authorizations'][0]
+
+    assert 'uuid' in authorization
+    assert 'scopes' in authorization
+    assert 'application' in authorization
+
+    # Retrieve the authorization.
+    get_json = self.getJsonResponse(UserAuthorization, params=dict(access_token_uuid = authorization['uuid']))
+    self.assertEquals(authorization, get_json)
+
+    # Delete the authorization.
+    self.deleteResponse(UserAuthorization, params=dict(access_token_uuid = authorization['uuid']))
+
+    # Verify it has been deleted.
+    self.getJsonResponse(UserAuthorization, params=dict(access_token_uuid = authorization['uuid']),
+                         expected_code=404)
+
 if __name__ == '__main__':
  unittest.main()