test_pagure_flask_api_auth.py 5.2 KB

# -*- coding: utf-8 -*-
"""
(c) 2015 - Copyright Red Hat Inc
Authors:
   Pierre-Yves Chibon <pingou@pingoured.fr>
"""
# pkg_resources looks at __main__.__requires__ when it is first imported, so
# this assignment has to stay above the import on the next line.
__requires__ = ['SQLAlchemy >= 0.8']
import pkg_resources

import unittest
import shutil
import sys
import os

import json
from mock import patch

# Put the parent of this file's directory at the front of the import path
# before the two project imports below; presumably this makes the checkout's
# own `pagure` and `tests` packages win over any installed copy.
sys.path.insert(0, os.path.join(os.path.dirname(
    os.path.abspath(__file__)), '..'))

import pagure.lib
import tests
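class PagureFlaskApiAuthtests(tests.Modeltests):
    """ Tests for the authentication in the flask API of pagure """

    def setUp(self):
        """ Set up the environment, run before every test. """
        super(PagureFlaskApiAuthtests, self).setUp()

        pagure.APP.config['TESTING'] = True
        # Rebind each module-level SESSION to this test's session;
        # presumably the API handlers read these globals, so they end up
        # querying the fixture database -- confirm against pagure.api.
        pagure.SESSION = self.session
        pagure.api.SESSION = self.session
        pagure.api.issue.SESSION = self.session
        pagure.lib.SESSION = self.session
        self.app = pagure.APP.test_client()

    def _assert_invalid_token(self, output):
        """ Assert that ``output`` is the API's token-rejection response.

        Checks for HTTP 401 and the exact EINVALIDTOK JSON body. Every
        rejection case in this class (no Authorization header, unknown
        token, token without ACL, expired token) is held to this single
        body, so the tests also pin that the response does not tell the
        caller which of those cases applied.

        :arg output: the response returned by the flask test client.
        """
        self.assertEqual(output.status_code, 401)
        data = json.loads(output.data)
        self.assertDictEqual(
            data,
            {
                "error": "Invalid or expired token. Please visit "
                         "https://pagure.org/ to get or renew your API token.",
                "error_code": "EINVALIDTOK",
            }
        )

    def test_auth_no_data(self):
        """ Test the authentication when there is nothing in the database.
        """
        # No Authorization header at all.
        output = self.app.post('/api/0/foo/new_issue')
        self._assert_invalid_token(output)

        # A token is sent, but no token fixtures were created in this test.
        headers = {'Authorization': 'token aabbbccc'}
        output = self.app.post('/api/0/foo/new_issue', headers=headers)
        self._assert_invalid_token(output)

    def test_auth_noacl(self):
        """ Test the authentication when the token does not have any ACL.
        """
        tests.create_projects(self.session)
        tests.create_tokens(self.session)

        # No Authorization header at all.
        output = self.app.post('/api/0/test/new_issue')
        self._assert_invalid_token(output)

        # Same token that test_auth accepts, but create_tokens_acl() has
        # not been called here, so it must still be refused.
        headers = {'Authorization': 'token aaabbbcccddd'}
        output = self.app.post('/api/0/test/new_issue', headers=headers)
        self._assert_invalid_token(output)

    def test_auth_expired(self):
        """ Test the authentication when the token has expired.
        """
        tests.create_projects(self.session)
        tests.create_tokens(self.session)

        # No Authorization header at all.
        output = self.app.post('/api/0/test/new_issue')
        self._assert_invalid_token(output)

        # NOTE(review): 'expired_token' is presumably created with a past
        # expiry date by tests.create_tokens() -- confirm in the fixtures.
        headers = {'Authorization': 'token expired_token'}
        output = self.app.post('/api/0/test/new_issue', headers=headers)
        self._assert_invalid_token(output)

    def test_auth(self):
        """ Test the token based authentication.

        With ACLs attached to the token the request is no longer answered
        with 401/EINVALIDTOK; the empty POST is answered with
        400/EINVALIDREQ instead.
        """
        tests.create_projects(self.session)
        tests.create_tokens(self.session)
        tests.create_tokens_acl(self.session)

        # Even with valid fixtures in place, a request without a token is
        # still refused.
        output = self.app.post('/api/0/test/new_issue')
        self._assert_invalid_token(output)

        headers = {'Authorization': 'token aaabbbcccddd'}
        output = self.app.post('/api/0/test/new_issue', headers=headers)
        self.assertEqual(output.status_code, 400)
        data = json.loads(output.data)
        # "submited" is the spelling this test expects from the API; the
        # string must match byte for byte.
        self.assertDictEqual(
            data,
            {
                "error": "Invalid or incomplete input submited",
                "error_code": "EINVALIDREQ",
            }
        )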
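if __name__ == '__main__':
    SUITE = unittest.TestLoader().loadTestsFromTestCase(
        PagureFlaskApiAuthtests)
    RESULT = unittest.TextTestRunner(verbosity=2).run(SUITE)
    # Propagate the outcome: without an explicit exit status the script
    # ends with 0 even when an authentication test fails, which hides the
    # regression from any caller that only checks the return code.
    sys.exit(0 if RESULT.wasSuccessful() else 1)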