mirror of
https://github.com/GSA/notifications-admin.git
synced 2026-02-24 20:31:19 -05:00
71035ab96e
On the team and templates pages we have a pattern for adding a new ‘thing’, which is a green button in the top right. This commit changes the API key page to follow the same pattern.
182 lines
7.9 KiB
Python
182 lines
7.9 KiB
Python
import uuid
|
||
from datetime import date
|
||
from flask import url_for
|
||
from tests import validate_route_permission
|
||
|
||
|
||
def test_should_show_api_keys_and_documentation_page(app_,
|
||
api_user_active,
|
||
mock_login,
|
||
mock_get_user,
|
||
mock_get_user_by_email,
|
||
mock_get_service):
|
||
with app_.test_request_context():
|
||
with app_.test_client() as client:
|
||
client.login(api_user_active)
|
||
response = client.get(url_for('main.documentation', service_id=uuid.uuid4()))
|
||
|
||
assert response.status_code == 200
|
||
|
||
|
||
def test_should_show_empty_api_keys_page(app_,
|
||
api_user_active,
|
||
mock_get_user,
|
||
mock_login,
|
||
mock_get_user_by_email,
|
||
mock_get_no_api_keys,
|
||
mock_get_service,
|
||
mock_has_permissions):
|
||
with app_.test_request_context():
|
||
with app_.test_client() as client:
|
||
client.login(api_user_active)
|
||
service_id = str(uuid.uuid4())
|
||
response = client.get(url_for('main.api_keys', service_id=service_id))
|
||
|
||
assert response.status_code == 200
|
||
assert 'You haven’t created any API keys yet' in response.get_data(as_text=True)
|
||
assert 'Create new API key' in response.get_data(as_text=True)
|
||
mock_get_no_api_keys.assert_called_once_with(service_id=service_id)
|
||
|
||
|
||
def test_should_show_api_keys_page(app_,
|
||
api_user_active,
|
||
mock_login,
|
||
mock_get_user,
|
||
mock_get_user_by_email,
|
||
mock_get_api_keys,
|
||
mock_get_service,
|
||
mock_has_permissions,
|
||
fake_uuid):
|
||
with app_.test_request_context():
|
||
with app_.test_client() as client:
|
||
client.login(api_user_active)
|
||
response = client.get(url_for('main.api_keys', service_id=fake_uuid))
|
||
|
||
assert response.status_code == 200
|
||
assert 'some key name' in response.get_data(as_text=True)
|
||
assert 'another key name' in response.get_data(as_text=True)
|
||
assert 'Revoked Thursday 01 January 1970 at 00:00' in response.get_data(as_text=True)
|
||
mock_get_api_keys.assert_called_once_with(service_id=fake_uuid)
|
||
|
||
|
||
def test_should_show_name_api_key_page(app_,
|
||
api_user_active,
|
||
mock_login,
|
||
mock_get_user,
|
||
mock_get_user_by_email,
|
||
mock_get_api_keys,
|
||
mock_get_service,
|
||
mock_has_permissions):
|
||
with app_.test_request_context():
|
||
with app_.test_client() as client:
|
||
client.login(api_user_active)
|
||
service_id = str(uuid.uuid4())
|
||
response = client.get(url_for('main.create_api_key', service_id=service_id))
|
||
|
||
assert response.status_code == 200
|
||
|
||
|
||
def test_should_render_show_api_key(app_,
|
||
api_user_active,
|
||
mock_login,
|
||
mock_get_user,
|
||
mock_get_user_by_email,
|
||
mock_create_api_key,
|
||
mock_get_api_keys,
|
||
mock_get_service,
|
||
mock_has_permissions):
|
||
with app_.test_request_context():
|
||
with app_.test_client() as client:
|
||
client.login(api_user_active)
|
||
service_id = str(uuid.uuid4())
|
||
response = client.post(url_for('main.create_api_key', service_id=service_id),
|
||
data={'key_name': 'some default key name'})
|
||
|
||
assert response.status_code == 200
|
||
assert 'some default key name' in response.get_data(as_text=True)
|
||
mock_create_api_key.assert_called_once_with(service_id=service_id, key_name='some default key name')
|
||
|
||
|
||
def test_should_show_confirm_revoke_api_key(app_,
|
||
api_user_active,
|
||
mock_login,
|
||
mock_get_user,
|
||
mock_get_user_by_email,
|
||
mock_get_api_keys,
|
||
mock_get_service,
|
||
mock_has_permissions,
|
||
fake_uuid):
|
||
with app_.test_request_context():
|
||
with app_.test_client() as client:
|
||
client.login(api_user_active)
|
||
response = client.get(url_for('main.revoke_api_key', service_id=fake_uuid, key_id=fake_uuid))
|
||
|
||
assert response.status_code == 200
|
||
assert 'some key name' in response.get_data(as_text=True)
|
||
mock_get_api_keys.assert_called_once_with(service_id=fake_uuid, key_id=fake_uuid)
|
||
|
||
|
||
def test_should_redirect_after_revoking_api_key(app_,
|
||
api_user_active,
|
||
mock_login,
|
||
mock_get_user,
|
||
mock_get_user_by_email,
|
||
mock_revoke_api_key,
|
||
mock_get_api_keys,
|
||
mock_get_service,
|
||
mock_has_permissions,
|
||
fake_uuid):
|
||
with app_.test_request_context():
|
||
with app_.test_client() as client:
|
||
client.login(api_user_active)
|
||
response = client.post(url_for('main.revoke_api_key', service_id=fake_uuid, key_id=fake_uuid))
|
||
|
||
assert response.status_code == 302
|
||
assert response.location == url_for('.api_keys', service_id=fake_uuid, _external=True)
|
||
mock_revoke_api_key.assert_called_once_with(service_id=fake_uuid, key_id=fake_uuid)
|
||
mock_get_api_keys.assert_called_once_with(service_id=fake_uuid, key_id=fake_uuid)
|
||
|
||
|
||
def test_route_permissions(mocker,
|
||
app_,
|
||
api_user_active,
|
||
service_one,
|
||
mock_get_api_keys):
|
||
routes = [
|
||
'main.api_keys',
|
||
'main.create_api_key',
|
||
'main.revoke_api_key']
|
||
with app_.test_request_context():
|
||
for route in routes:
|
||
validate_route_permission(
|
||
mocker,
|
||
app_,
|
||
"GET",
|
||
200,
|
||
url_for(route, service_id=service_one['id'], key_id=123),
|
||
['manage_api_keys'],
|
||
api_user_active,
|
||
service_one)
|
||
|
||
|
||
def test_route_invalid_permissions(mocker,
|
||
app_,
|
||
api_user_active,
|
||
service_one,
|
||
mock_get_api_keys):
|
||
routes = [
|
||
'main.api_keys',
|
||
'main.create_api_key',
|
||
'main.revoke_api_key']
|
||
with app_.test_request_context():
|
||
for route in routes:
|
||
validate_route_permission(
|
||
mocker,
|
||
app_,
|
||
"GET",
|
||
403,
|
||
url_for(route, service_id=service_one['id'], key_id=123),
|
||
['view_activity'],
|
||
api_user_active,
|
||
service_one)
|