314 lines
11 KiB
Python
314 lines
11 KiB
Python
import unittest
|
|
import json
|
|
|
|
from flask import url_for
|
|
from endpoints.api import api
|
|
from app import app
|
|
from initdb import setup_database_for_testing, finished_database_for_testing
|
|
from specs import build_specs
|
|
from data import model
|
|
|
|
app.register_blueprint(api, url_prefix='/api')
|
|
|
|
NO_ACCESS_USER = 'freshuser'
|
|
READ_ACCESS_USER = 'reader'
|
|
ADMIN_ACCESS_USER = 'devtable'
|
|
ORGANIZATION = 'buynlarge'
|
|
|
|
NEW_USER_DETAILS = {
|
|
'username': 'bobby',
|
|
'password': 'password',
|
|
'email': 'bobby@tables.com',
|
|
}
|
|
|
|
class ApiTestCase(unittest.TestCase):
|
|
def setUp(self):
|
|
setup_database_for_testing(self)
|
|
self.app = app.test_client()
|
|
self.ctx = app.test_request_context()
|
|
self.ctx.__enter__()
|
|
|
|
def tearDown(self):
|
|
finished_database_for_testing(self)
|
|
self.ctx.__exit__(True, None, None)
|
|
|
|
def getJsonResponse(self, method_name, params={}):
|
|
rv = self.app.get(url_for(method_name, **params))
|
|
self.assertEquals(200, rv.status_code)
|
|
data = rv.data
|
|
parsed = json.loads(data)
|
|
return parsed
|
|
|
|
def postResponse(self, method_name, params={}, data={}, expected_code=200):
|
|
rv = self.app.post(url_for(method_name, **params), data=json.dumps(data),
|
|
headers={"Content-Type": "application/json"})
|
|
self.assertEquals(rv.status_code, expected_code)
|
|
return rv.data
|
|
|
|
def getResponse(self, method_name, params={}, expected_code=200):
|
|
rv = self.app.get(url_for(method_name, **params))
|
|
self.assertEquals(rv.status_code, expected_code)
|
|
return rv.data
|
|
|
|
def postJsonResponse(self, method_name, params={}, data={}, expected_code=200):
|
|
rv = self.app.post(url_for(method_name, **params), data=json.dumps(data),
|
|
headers={"Content-Type": "application/json"})
|
|
|
|
if rv.status_code != expected_code:
|
|
print 'Mismatch data for method %s: %s' % (method_name, rv.data)
|
|
|
|
self.assertEquals(rv.status_code, expected_code)
|
|
data = rv.data
|
|
parsed = json.loads(data)
|
|
return parsed
|
|
|
|
def putJsonResponse(self, method_name, params={}, data={}, expected_code=200):
|
|
rv = self.app.put(url_for(method_name, **params), data=json.dumps(data),
|
|
headers={"Content-Type": "application/json"})
|
|
|
|
if rv.status_code != expected_code:
|
|
print 'Mismatch data for method %s: %s' % (method_name, rv.data)
|
|
|
|
self.assertEquals(rv.status_code, expected_code)
|
|
data = rv.data
|
|
parsed = json.loads(data)
|
|
return parsed
|
|
|
|
def login(self, username, password='password'):
|
|
return self.postJsonResponse('api.signin_user', data=dict(username=username, password=password))
|
|
|
|
class TestDiscovery(ApiTestCase):
|
|
def test_discovery(self):
|
|
""" Basic sanity check that discovery returns valid JSON in the expected format. """
|
|
json = self.getJsonResponse('api.discovery')
|
|
found = set([])
|
|
for method_info in json['endpoints']:
|
|
found.add(method_info['name'])
|
|
|
|
assert 'discovery' in found
|
|
|
|
class TestPlans(ApiTestCase):
|
|
def test_plans(self):
|
|
""" Basic sanity check that the plans are returned in the expected format. """
|
|
json = self.getJsonResponse('api.list_plans')
|
|
found = set([])
|
|
for method_info in json['plans']:
|
|
found.add(method_info['stripeId'])
|
|
|
|
assert 'free' in found
|
|
|
|
class TestLoggedInUser(ApiTestCase):
|
|
def test_guest(self):
|
|
json = self.getJsonResponse('api.get_logged_in_user')
|
|
assert json['anonymous'] == True
|
|
|
|
def test_user(self):
|
|
self.login(READ_ACCESS_USER)
|
|
json = self.getJsonResponse('api.get_logged_in_user')
|
|
assert json['anonymous'] == False
|
|
assert json['username'] == READ_ACCESS_USER
|
|
|
|
class TestGetUserPrivateCount(ApiTestCase):
|
|
def test_nonallowed(self):
|
|
self.login(READ_ACCESS_USER)
|
|
json = self.getJsonResponse('api.get_user_private_count')
|
|
assert json['privateCount'] == 0
|
|
assert json['reposAllowed'] == 0
|
|
|
|
def test_allowed(self):
|
|
self.login(ADMIN_ACCESS_USER)
|
|
json = self.getJsonResponse('api.get_user_private_count')
|
|
assert json['privateCount'] == 6
|
|
assert json['reposAllowed'] == 125
|
|
|
|
class TestConvertToOrganization(ApiTestCase):
|
|
def test_sameadminuser(self):
|
|
self.login(READ_ACCESS_USER)
|
|
json = self.postJsonResponse('api.convert_user_to_organization',
|
|
data={'adminUser': READ_ACCESS_USER, 'adminPassword': 'password'},
|
|
expected_code=400)
|
|
|
|
self.assertEqual('The admin user is not valid', json['message'])
|
|
|
|
def test_invalidadminuser(self):
|
|
self.login(READ_ACCESS_USER)
|
|
json = self.postJsonResponse('api.convert_user_to_organization',
|
|
data={'adminUser': 'unknownuser', 'adminPassword': 'password'},
|
|
expected_code=400)
|
|
|
|
self.assertEqual('The admin user credentials are not valid', json['message'])
|
|
|
|
def test_invalidadminpassword(self):
|
|
self.login(READ_ACCESS_USER)
|
|
json = self.postJsonResponse('api.convert_user_to_organization',
|
|
data={'adminUser': ADMIN_ACCESS_USER, 'adminPassword': 'invalidpass'},
|
|
expected_code=400)
|
|
|
|
self.assertEqual('The admin user credentials are not valid', json['message'])
|
|
|
|
def test_convert(self):
|
|
self.login(READ_ACCESS_USER)
|
|
json = self.postJsonResponse('api.convert_user_to_organization',
|
|
data={'adminUser': ADMIN_ACCESS_USER,
|
|
'adminPassword': 'password',
|
|
'plan': 'free'})
|
|
|
|
self.assertEqual(True, json['success'])
|
|
|
|
# Verify the organization exists.
|
|
organization = model.get_organization(READ_ACCESS_USER)
|
|
assert organization is not None
|
|
|
|
|
|
class TestChangeUserDetails(ApiTestCase):
|
|
def test_changepassword(self):
|
|
self.login(READ_ACCESS_USER)
|
|
self.putJsonResponse('api.change_user_details', data=dict(password='newpasswordiscool'))
|
|
self.login(READ_ACCESS_USER, password='newpasswordiscool')
|
|
|
|
def test_changeinvoiceemail(self):
|
|
self.login(READ_ACCESS_USER)
|
|
|
|
json = self.putJsonResponse('api.change_user_details', data=dict(invoice_email=True))
|
|
self.assertEquals(True, json['invoice_email'])
|
|
|
|
json = self.putJsonResponse('api.change_user_details', data=dict(invoice_email=False))
|
|
self.assertEquals(False, json['invoice_email'])
|
|
|
|
|
|
class TestCreateNewUser(ApiTestCase):
|
|
def test_existingusername(self):
|
|
json = self.postJsonResponse('api.create_new_user',
|
|
data=dict(username=READ_ACCESS_USER,
|
|
password='password',
|
|
email='test@example.com'),
|
|
expected_code=400)
|
|
|
|
self.assertEquals('The username already exists', json['message'])
|
|
|
|
def test_createuser(self):
|
|
data = self.postResponse('api.create_new_user',
|
|
data=NEW_USER_DETAILS,
|
|
expected_code=201)
|
|
self.assertEquals('Created', data)
|
|
|
|
|
|
class TestSignout(ApiTestCase):
|
|
def test_signout(self):
|
|
self.login(READ_ACCESS_USER)
|
|
|
|
json = self.getJsonResponse('api.get_logged_in_user')
|
|
assert json['username'] == READ_ACCESS_USER
|
|
|
|
self.postResponse('api.logout')
|
|
|
|
json = self.getJsonResponse('api.get_logged_in_user')
|
|
assert json['anonymous'] == True
|
|
|
|
|
|
class TestGetMatchingEntities(ApiTestCase):
|
|
def test_notinorg(self):
|
|
self.login(NO_ACCESS_USER)
|
|
|
|
json = self.getJsonResponse('api.get_matching_entities',
|
|
params=dict(prefix='o', namespace=ORGANIZATION, includeTeams=True))
|
|
|
|
names = set([r['name'] for r in json['results']])
|
|
assert 'outsideorg' in names
|
|
assert not 'owners' in names
|
|
|
|
def test_inorg(self):
|
|
self.login(ADMIN_ACCESS_USER)
|
|
|
|
json = self.getJsonResponse('api.get_matching_entities',
|
|
params=dict(prefix='o', namespace=ORGANIZATION, includeTeams=True))
|
|
|
|
names = set([r['name'] for r in json['results']])
|
|
assert 'outsideorg' in names
|
|
assert 'owners' in names
|
|
|
|
|
|
class TestCreateOrganization(ApiTestCase):
|
|
def test_existinguser(self):
|
|
self.login(ADMIN_ACCESS_USER)
|
|
|
|
json = self.postJsonResponse('api.create_organization', data=dict(name=ADMIN_ACCESS_USER),
|
|
expected_code=400)
|
|
|
|
self.assertEquals('A user or organization with this name already exists', json['message'])
|
|
|
|
def test_existingorg(self):
|
|
self.login(ADMIN_ACCESS_USER)
|
|
|
|
json = self.postJsonResponse('api.create_organization', data=dict(name=ORGANIZATION),
|
|
expected_code=400)
|
|
|
|
self.assertEquals('A user or organization with this name already exists', json['message'])
|
|
|
|
def test_createorg(self):
|
|
self.login(ADMIN_ACCESS_USER)
|
|
|
|
data = self.postResponse('api.create_organization',
|
|
data=dict(name='neworg', email='test@example.com'),
|
|
expected_code=201)
|
|
|
|
self.assertEquals('Created', data)
|
|
|
|
# Ensure the org was created.
|
|
organization = model.get_organization('neworg')
|
|
assert organization is not None
|
|
|
|
|
|
class TestGetOrganization(ApiTestCase):
|
|
def test_unknownorg(self):
|
|
self.login(ADMIN_ACCESS_USER)
|
|
self.getResponse('api.get_organization', params=dict(orgname='notvalid'),
|
|
expected_code=403)
|
|
|
|
def test_cannotaccess(self):
|
|
self.login(NO_ACCESS_USER)
|
|
self.getResponse('api.get_organization', params=dict(orgname=ORGANIZATION),
|
|
expected_code=403)
|
|
|
|
def test_getorganization(self):
|
|
self.login(READ_ACCESS_USER)
|
|
json = self.getJsonResponse('api.get_organization', params=dict(orgname=ORGANIZATION))
|
|
|
|
self.assertEquals(ORGANIZATION, json['name'])
|
|
self.assertEquals(False, json['is_admin'])
|
|
|
|
def test_getorganization_asadmin(self):
|
|
self.login(ADMIN_ACCESS_USER)
|
|
json = self.getJsonResponse('api.get_organization', params=dict(orgname=ORGANIZATION))
|
|
|
|
self.assertEquals(ORGANIZATION, json['name'])
|
|
self.assertEquals(True, json['is_admin'])
|
|
|
|
class TestChangeOrganizationDetails(ApiTestCase):
|
|
def test_changeinvoiceemail(self):
|
|
self.login(ADMIN_ACCESS_USER)
|
|
|
|
json = self.putJsonResponse('api.change_organization_details',
|
|
params=dict(orgname=ORGANIZATION),
|
|
data=dict(invoice_email=True))
|
|
|
|
self.assertEquals(True, json['invoice_email'])
|
|
|
|
json = self.putJsonResponse('api.change_organization_details',
|
|
params=dict(orgname=ORGANIZATION),
|
|
data=dict(invoice_email=False))
|
|
self.assertEquals(False, json['invoice_email'])
|
|
|
|
|
|
def test_changemail(self):
|
|
self.login(ADMIN_ACCESS_USER)
|
|
|
|
json = self.putJsonResponse('api.change_organization_details',
|
|
params=dict(orgname=ORGANIZATION),
|
|
data=dict(email='newemail@example.com'))
|
|
|
|
self.assertEquals('newemail@example.com', json['email'])
|
|
|
|
|
|
if __name__ == '__main__':
|
|
unittest.main()
|