2016-02-02 14:24:08 +00:00
|
|
|
|
import uuid
|
2016-01-21 12:28:05 +00:00
|
|
|
|
from datetime import date
|
2016-01-16 10:59:16 +00:00
|
|
|
|
from flask import url_for
|
2016-03-09 12:10:50 +00:00
|
|
|
|
from tests import validate_route_permission
|
2016-01-16 10:59:16 +00:00
|
|
|
|
|
|
|
|
|
|
|
2016-01-19 09:49:01 +00:00
|
|
|
|
def test_should_show_api_keys_and_documentation_page(app_,
|
2016-01-27 12:22:32 +00:00
|
|
|
|
api_user_active,
|
2016-01-27 16:30:33 +00:00
|
|
|
|
mock_get_user,
|
|
|
|
|
|
mock_get_user_by_email,
|
2016-01-27 12:22:32 +00:00
|
|
|
|
mock_login):
|
2016-01-19 09:55:13 +00:00
|
|
|
|
with app_.test_request_context():
|
|
|
|
|
|
with app_.test_client() as client:
|
2016-01-27 12:22:32 +00:00
|
|
|
|
client.login(api_user_active)
|
2016-02-02 14:24:08 +00:00
|
|
|
|
response = client.get(url_for('main.documentation', service_id=uuid.uuid4()))
|
2016-01-19 09:55:13 +00:00
|
|
|
|
|
|
|
|
|
|
assert response.status_code == 200
|
|
|
|
|
|
|
|
|
|
|
|
|
2016-01-21 12:28:05 +00:00
|
|
|
|
def test_should_show_empty_api_keys_page(app_,
|
2016-01-27 12:22:32 +00:00
|
|
|
|
api_user_active,
|
2016-01-27 16:30:33 +00:00
|
|
|
|
mock_get_user,
|
|
|
|
|
|
mock_get_user_by_email,
|
2016-01-27 12:22:32 +00:00
|
|
|
|
mock_get_no_api_keys,
|
2016-02-29 14:57:07 +00:00
|
|
|
|
mock_login,
|
|
|
|
|
|
mock_has_permissions):
|
2016-01-21 12:28:05 +00:00
|
|
|
|
with app_.test_request_context():
|
|
|
|
|
|
with app_.test_client() as client:
|
2016-01-27 12:22:32 +00:00
|
|
|
|
client.login(api_user_active)
|
2016-02-02 14:24:08 +00:00
|
|
|
|
service_id = str(uuid.uuid4())
|
|
|
|
|
|
response = client.get(url_for('main.api_keys', service_id=service_id))
|
2016-01-21 12:28:05 +00:00
|
|
|
|
|
|
|
|
|
|
assert response.status_code == 200
|
|
|
|
|
|
assert 'You haven’t created any API keys yet' in response.get_data(as_text=True)
|
|
|
|
|
|
assert 'Create a new API key' in response.get_data(as_text=True)
|
2016-02-02 14:24:08 +00:00
|
|
|
|
mock_get_no_api_keys.assert_called_once_with(service_id=service_id)
|
2016-01-21 12:28:05 +00:00
|
|
|
|
|
|
|
|
|
|
|
2016-01-19 09:55:13 +00:00
|
|
|
|
def test_should_show_api_keys_page(app_,
|
2016-01-27 12:22:32 +00:00
|
|
|
|
api_user_active,
|
2016-01-27 16:30:33 +00:00
|
|
|
|
mock_get_user,
|
|
|
|
|
|
mock_get_user_by_email,
|
2016-01-27 12:22:32 +00:00
|
|
|
|
mock_get_api_keys,
|
2016-02-29 14:57:07 +00:00
|
|
|
|
mock_login,
|
|
|
|
|
|
mock_has_permissions):
|
2016-01-19 09:49:01 +00:00
|
|
|
|
with app_.test_request_context():
|
|
|
|
|
|
with app_.test_client() as client:
|
2016-01-27 12:22:32 +00:00
|
|
|
|
client.login(api_user_active)
|
2016-02-02 14:24:08 +00:00
|
|
|
|
service_id = str(uuid.uuid4())
|
|
|
|
|
|
response = client.get(url_for('main.api_keys', service_id=service_id))
|
2016-01-16 10:59:16 +00:00
|
|
|
|
|
|
|
|
|
|
assert response.status_code == 200
|
2016-01-21 12:28:05 +00:00
|
|
|
|
assert 'some key name' in response.get_data(as_text=True)
|
|
|
|
|
|
assert 'another key name' in response.get_data(as_text=True)
|
|
|
|
|
|
assert 'Revoked Thursday 01 January 1970 at 00:00' in response.get_data(as_text=True)
|
2016-02-02 14:24:08 +00:00
|
|
|
|
mock_get_api_keys.assert_called_once_with(service_id=service_id)
|
2016-01-19 09:55:13 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def test_should_show_name_api_key_page(app_,
|
2016-01-27 12:22:32 +00:00
|
|
|
|
api_user_active,
|
2016-01-27 16:30:33 +00:00
|
|
|
|
mock_get_user,
|
|
|
|
|
|
mock_get_user_by_email,
|
2016-01-27 12:22:32 +00:00
|
|
|
|
mock_get_api_keys,
|
2016-02-29 14:57:07 +00:00
|
|
|
|
mock_login,
|
|
|
|
|
|
mock_has_permissions):
|
2016-01-19 09:55:13 +00:00
|
|
|
|
with app_.test_request_context():
|
|
|
|
|
|
with app_.test_client() as client:
|
2016-01-27 12:22:32 +00:00
|
|
|
|
client.login(api_user_active)
|
2016-02-02 14:24:08 +00:00
|
|
|
|
service_id = str(uuid.uuid4())
|
|
|
|
|
|
response = client.get(url_for('main.create_api_key', service_id=service_id))
|
2016-01-19 09:55:13 +00:00
|
|
|
|
|
|
|
|
|
|
assert response.status_code == 200
|
|
|
|
|
|
|
|
|
|
|
|
|
2016-01-21 12:28:05 +00:00
|
|
|
|
def test_should_render_show_api_key(app_,
|
2016-01-27 12:22:32 +00:00
|
|
|
|
api_user_active,
|
2016-01-27 16:30:33 +00:00
|
|
|
|
mock_get_user,
|
|
|
|
|
|
mock_get_user_by_email,
|
2016-01-21 14:15:36 +00:00
|
|
|
|
mock_create_api_key,
|
2016-01-27 12:22:32 +00:00
|
|
|
|
mock_get_api_keys,
|
2016-02-29 14:57:07 +00:00
|
|
|
|
mock_login,
|
|
|
|
|
|
mock_has_permissions):
|
2016-01-19 09:55:13 +00:00
|
|
|
|
with app_.test_request_context():
|
|
|
|
|
|
with app_.test_client() as client:
|
2016-01-27 12:22:32 +00:00
|
|
|
|
client.login(api_user_active)
|
2016-02-02 14:24:08 +00:00
|
|
|
|
service_id = str(uuid.uuid4())
|
|
|
|
|
|
response = client.post(url_for('main.create_api_key', service_id=service_id),
|
2016-01-21 12:28:05 +00:00
|
|
|
|
data={'key_name': 'some default key name'})
|
2016-01-19 09:55:13 +00:00
|
|
|
|
|
|
|
|
|
|
assert response.status_code == 200
|
2016-01-21 12:28:05 +00:00
|
|
|
|
assert 'some default key name' in response.get_data(as_text=True)
|
2016-02-02 14:24:08 +00:00
|
|
|
|
mock_create_api_key.assert_called_once_with(service_id=service_id, key_name='some default key name')
|
2016-01-19 09:55:13 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def test_should_show_confirm_revoke_api_key(app_,
|
2016-01-27 12:22:32 +00:00
|
|
|
|
api_user_active,
|
2016-01-27 16:30:33 +00:00
|
|
|
|
mock_get_user,
|
|
|
|
|
|
mock_get_user_by_email,
|
2016-01-27 12:22:32 +00:00
|
|
|
|
mock_get_api_keys,
|
2016-02-29 14:57:07 +00:00
|
|
|
|
mock_login,
|
|
|
|
|
|
mock_has_permissions):
|
2016-01-19 09:55:13 +00:00
|
|
|
|
with app_.test_request_context():
|
|
|
|
|
|
with app_.test_client() as client:
|
2016-01-27 12:22:32 +00:00
|
|
|
|
client.login(api_user_active)
|
2016-02-02 14:24:08 +00:00
|
|
|
|
service_id = str(uuid.uuid4())
|
|
|
|
|
|
response = client.get(url_for('main.revoke_api_key', service_id=service_id, key_id=321))
|
2016-01-19 09:55:13 +00:00
|
|
|
|
|
|
|
|
|
|
assert response.status_code == 200
|
2016-01-21 12:28:05 +00:00
|
|
|
|
assert 'some key name' in response.get_data(as_text=True)
|
2016-02-02 14:24:08 +00:00
|
|
|
|
mock_get_api_keys.assert_called_once_with(service_id=service_id, key_id=321)
|
2016-01-19 09:55:13 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def test_should_redirect_after_revoking_api_key(app_,
|
2016-01-27 12:22:32 +00:00
|
|
|
|
api_user_active,
|
2016-01-27 16:30:33 +00:00
|
|
|
|
mock_get_user,
|
|
|
|
|
|
mock_get_user_by_email,
|
2016-01-21 12:28:05 +00:00
|
|
|
|
mock_revoke_api_key,
|
2016-01-27 12:22:32 +00:00
|
|
|
|
mock_get_api_keys,
|
2016-02-29 14:57:07 +00:00
|
|
|
|
mock_login,
|
|
|
|
|
|
mock_has_permissions):
|
2016-01-19 09:55:13 +00:00
|
|
|
|
with app_.test_request_context():
|
|
|
|
|
|
with app_.test_client() as client:
|
2016-01-27 12:22:32 +00:00
|
|
|
|
client.login(api_user_active)
|
2016-02-02 14:24:08 +00:00
|
|
|
|
service_id = str(uuid.uuid4())
|
|
|
|
|
|
response = client.post(url_for('main.revoke_api_key', service_id=service_id, key_id=321))
|
2016-01-19 09:55:13 +00:00
|
|
|
|
|
|
|
|
|
|
assert response.status_code == 302
|
2016-02-02 14:24:08 +00:00
|
|
|
|
assert response.location == url_for('.api_keys', service_id=service_id, _external=True)
|
|
|
|
|
|
mock_revoke_api_key.assert_called_once_with(service_id=service_id, key_id=321)
|
|
|
|
|
|
mock_get_api_keys.assert_called_once_with(service_id=service_id, key_id=321)
|
2016-03-09 12:10:50 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def test_route_permissions(mocker, app_, api_user_active, service_one, mock_get_api_keys):
|
|
|
|
|
|
routes = [
|
|
|
|
|
|
'main.api_keys',
|
|
|
|
|
|
'main.create_api_key',
|
|
|
|
|
|
'main.revoke_api_key']
|
|
|
|
|
|
with app_.test_request_context():
|
|
|
|
|
|
for route in routes:
|
|
|
|
|
|
validate_route_permission(
|
|
|
|
|
|
mocker,
|
|
|
|
|
|
app_,
|
|
|
|
|
|
"GET",
|
|
|
|
|
|
200,
|
|
|
|
|
|
url_for(route, service_id=service_one['id'], key_id=123),
|
|
|
|
|
|
['manage_api_keys'],
|
|
|
|
|
|
api_user_active,
|
|
|
|
|
|
service_one)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def test_route_invalid_permissions(mocker, app_, api_user_active, service_one, mock_get_api_keys):
|
|
|
|
|
|
routes = [
|
|
|
|
|
|
'main.api_keys',
|
|
|
|
|
|
'main.create_api_key',
|
|
|
|
|
|
'main.revoke_api_key']
|
|
|
|
|
|
with app_.test_request_context():
|
|
|
|
|
|
for route in routes:
|
|
|
|
|
|
validate_route_permission(
|
|
|
|
|
|
mocker,
|
|
|
|
|
|
app_,
|
|
|
|
|
|
"GET",
|
|
|
|
|
|
403,
|
|
|
|
|
|
url_for(route, service_id=service_one['id'], key_id=123),
|
|
|
|
|
|
['blah'],
|
|
|
|
|
|
api_user_active,
|
|
|
|
|
|
service_one)
|
