diff --git a/test/test_api_security.py b/test/test_api_security.py index f0a2d59f0..34fe7ee18 100644 --- a/test/test_api_security.py +++ b/test/test_api_security.py @@ -36,6 +36,9 @@ from endpoints.api.repository import RepositoryList, RepositoryVisibility, Repos from endpoints.api.permission import (RepositoryUserPermission, RepositoryTeamPermission, RepositoryTeamPermissionList, RepositoryUserPermissionList) +from endpoints.api.superuser import SuperUserLogs, SeatUsage, SuperUserList, SuperUserManagement + + try: app.register_blueprint(api_bp, url_prefix='/api') except ValueError: @@ -3275,5 +3278,87 @@ class TestUserAuthorization(ApiTestCase): self._run_test('DELETE', 404, 'devtable', None) +class TestSuperUserLogs(ApiTestCase): + def setUp(self): + ApiTestCase.setUp(self) + self._set_url(SuperUserLogs) + + def test_get_anonymous(self): + self._run_test('GET', 403, None, None) + + def test_get_freshuser(self): + self._run_test('GET', 403, 'freshuser', None) + + def test_get_reader(self): + self._run_test('GET', 403, 'reader', None) + + def test_get_devtable(self): + self._run_test('GET', 200, 'devtable', None) + + +class TestSuperUserList(ApiTestCase): + def setUp(self): + ApiTestCase.setUp(self) + self._set_url(SuperUserList) + + def test_get_anonymous(self): + self._run_test('GET', 403, None, None) + + def test_get_freshuser(self): + self._run_test('GET', 403, 'freshuser', None) + + def test_get_reader(self): + self._run_test('GET', 403, 'reader', None) + + def test_get_devtable(self): + self._run_test('GET', 200, 'devtable', None) + + + +class TestSuperUserManagement(ApiTestCase): + def setUp(self): + ApiTestCase.setUp(self) + self._set_url(SuperUserManagement, username='freshuser') + + def test_get_anonymous(self): + self._run_test('GET', 403, None, None) + + def test_get_freshuser(self): + self._run_test('GET', 403, 'freshuser', None) + + def test_get_reader(self): + self._run_test('GET', 403, 'reader', None) + + def test_get_devtable(self): + self._run_test('GET', 200, 'devtable', None) + + + def test_put_anonymous(self): + self._run_test('PUT', 403, None, {}) + + def test_put_freshuser(self): + self._run_test('PUT', 403, 'freshuser', {}) + + def test_put_reader(self): + self._run_test('PUT', 403, 'reader', {}) + + def test_put_devtable(self): + self._run_test('PUT', 200, 'devtable', {}) + + + def test_delete_anonymous(self): + self._run_test('DELETE', 403, None, None) + + def test_delete_freshuser(self): + self._run_test('DELETE', 403, 'freshuser', None) + + def test_delete_reader(self): + self._run_test('DELETE', 403, 'reader', None) + + def test_delete_devtable(self): + self._run_test('DELETE', 204, 'devtable', None) + + + if __name__ == '__main__': unittest.main() diff --git a/test/test_api_usage.py b/test/test_api_usage.py index a1683b372..80d7eee0d 100644 --- a/test/test_api_usage.py +++ b/test/test_api_usage.py @@ -38,6 +38,7 @@ from endpoints.api.organization import (OrganizationList, OrganizationMember, from endpoints.api.repository import RepositoryList, RepositoryVisibility, Repository from endpoints.api.permission import (RepositoryUserPermission, RepositoryTeamPermission, RepositoryTeamPermissionList, RepositoryUserPermissionList) +from endpoints.api.superuser import SuperUserLogs, SeatUsage, SuperUserList, SuperUserManagement try: app.register_blueprint(api_bp, url_prefix='/api') @@ -1937,5 +1938,66 @@ class TestUserAuthorizations(ApiTestCase): self.getJsonResponse(UserAuthorization, params=dict(access_token_uuid = authorization['uuid']), expected_code=404) + +class TestSuperUserLogs(ApiTestCase): + def test_get_logs(self): + self.login(ADMIN_ACCESS_USER) + + json = self.getJsonResponse(SuperUserLogs) + + assert 'logs' in json + assert len(json['logs']) > 0 + + +class TestSuperUserList(ApiTestCase): + def test_get_users(self): + self.login(ADMIN_ACCESS_USER) + + json = self.getJsonResponse(SuperUserList) + + assert 'users' in json + assert len(json['users']) > 0 + + +class TestSuperUserManagement(ApiTestCase): + def test_get_user(self): + self.login(ADMIN_ACCESS_USER) + + json = self.getJsonResponse(SuperUserManagement, params=dict(username = 'freshuser')) + self.assertEquals('freshuser', json['username']) + self.assertEquals('no@thanks.com', json['email']) + self.assertEquals(False, json['super_user']) + + def test_delete_user(self): + self.login(ADMIN_ACCESS_USER) + + # Verify the user exists. + json = self.getJsonResponse(SuperUserManagement, params=dict(username = 'freshuser')) + self.assertEquals('freshuser', json['username']) + + # Delete the user. + self.deleteResponse(SuperUserManagement, params=dict(username = 'freshuser'), expected_code=204) + + # Verify the user no longer exists. + self.getResponse(SuperUserManagement, params=dict(username = 'freshuser'), expected_code=404) + + + def test_update_user(self): + self.login(ADMIN_ACCESS_USER) + + # Verify the user exists. + json = self.getJsonResponse(SuperUserManagement, params=dict(username = 'freshuser')) + self.assertEquals('freshuser', json['username']) + self.assertEquals('no@thanks.com', json['email']) + + # Update the user. + self.putJsonResponse(SuperUserManagement, params=dict(username='freshuser'), data=dict(email='foo@bar.com')) + + # Verify the user was updated. + json = self.getJsonResponse(SuperUserManagement, params=dict(username = 'freshuser')) + self.assertEquals('freshuser', json['username']) + self.assertEquals('foo@bar.com', json['email']) + + if __name__ == '__main__': unittest.main() diff --git a/test/testconfig.py b/test/testconfig.py index d012af469..f39ee42c2 100644 --- a/test/testconfig.py +++ b/test/testconfig.py @@ -28,3 +28,6 @@ class TestConfig(DefaultConfig): 'deadbeef-dead-beef-dead-beefdeadbeef') USERFILES_TYPE = 'FakeUserfiles' + + FEATURE_SUPER_USERS = True + SUPER_USERS = ['devtable']