def test_key_auth_decorator(self):
user = User(username="******", email="*****@*****.**")
user.save()
key = Key(user=user)
secret = key.generate_secret()
key.save()
@accepts_auth_key
def fake_view(request, foo, bar):
return (foo, bar)
cases = ((key.key, secret, True), (key.key, "FAKE", False), ("FAKE", secret, False), ("FAKE", "FAKE", False))
for k, s, success in cases:
request = HttpRequest()
request.user = AnonymousUser()
auth = "%s:%s" % (k, s)
b64_auth = base64.encodestring(auth)
request.META["HTTP_AUTHORIZATION"] = "Basic %s" % b64_auth
foo, bar = fake_view(request, "foo", "bar")
eq_("foo", foo)
eq_("bar", bar)
if not success:
ok_(not request.user.is_authenticated())
else:
ok_(request.user.is_authenticated())
ok_(request.user == user)
ok_(request.authkey)
ok_(request.authkey == key)
def setUp(self):
username = '******'
password = '******'
self.email = '*****@*****.**'
self.user = User.objects.create_user(username, self.email, password)
self.client.login(username=username, password=password)
self.user2 = User(username='******', email='*****@*****.**')
self.user2.save()
self.key1 = Key(user=self.user, description='Test Key 1')
self.key1.save()
self.key2 = Key(user=self.user, description='Test Key 2')
self.key2.save()
self.key3 = Key(user=self.user2, description='Test Key 3')
self.key3.save()
def setUp(self):
self.username = "******"
self.password = "******"
self.email = "*****@*****.**"
self.user = User(username=self.username, email=self.email)
self.user.set_password(self.password)
self.user.save()
self.user2 = User(username="******", email="*****@*****.**")
self.user2.save()
self.key1 = Key(user=self.user, description="Test Key 1")
self.key1.save()
self.key2 = Key(user=self.user, description="Test Key 2")
self.key2.save()
self.key3 = Key(user=self.user2, description="Test Key 3")
self.key3.save()
self.client = Client()
def setUp(self):
self.username = '******'
self.password = '******'
self.email = '*****@*****.**'
self.user = User(username=self.username,
email=self.email)
self.user.set_password(self.password)
self.user.save()
self.user2 = User(username='******', email='*****@*****.**')
self.user2.save()
self.key1 = Key(user=self.user, description='Test Key 1')
self.key1.save()
self.key2 = Key(user=self.user, description='Test Key 2')
self.key2.save()
self.key3 = Key(user=self.user2, description='Test Key 3')
self.key3.save()
self.client = Client()
def test_secret_generation(self):
"""Generated secret should be saved as a hash and pass a check"""
key = Key(user=self.user)
secret = key.generate_secret()
key.save()
ok_(key.key)
ok_(key.hashed_secret)
ok_(len(key.hashed_secret) > 0)
ok_(len(secret) > 0)
ok_(secret != key.hashed_secret)
ok_(not key.check_secret("I AM A FAKE"))
ok_(key.check_secret(secret))
def test_secret_generation(self):
"""Generated secret should be saved as a hash and pass a check"""
u = user(username="******",
email="*****@*****.**",
save=True)
key = Key(user=u)
secret = key.generate_secret()
key.save()
ok_(key.key)
ok_(key.hashed_secret)
ok_(len(key.hashed_secret) > 0)
ok_(len(secret) > 0)
ok_(secret != key.hashed_secret)
ok_(not key.check_secret("I AM A FAKE"))
ok_(key.check_secret(secret))
class KeyViewsTest(TestCase):
def setUp(self):
username = '******'
password = '******'
self.email = '*****@*****.**'
self.user = user(username=username, email=self.email,
password=password, save=True)
self.client.login(username=username, password=password)
self.user2 = user(username='******', email='*****@*****.**',
save=True)
self.key1 = Key(user=self.user, description='Test Key 1')
self.key1.save()
self.key2 = Key(user=self.user, description='Test Key 2')
self.key2.save()
self.key3 = Key(user=self.user2, description='Test Key 3')
self.key3.save()
def test_new_key(self):
data = {"description": "This is meant for a test app"}
url = reverse('authkeys.new', locale='en-US')
# Check out the creation page, look for the form.
resp = self.client.get(url)
eq_(200, resp.status_code)
page = pq(resp.content)
eq_(1, page.find('form.key').length)
# We don't have this key yet, right?
keys = Key.objects.filter(description=data['description'])
eq_(0, keys.count())
# Okay, create it.
resp = self.client.post(url, data, follow=False)
eq_(200, resp.status_code)
# We have the key now, right?
keys = Key.objects.filter(description=data['description'])
eq_(1, keys.count())
# Okay, and it should belong to the logged-in user
key = keys[0]
eq_(key.user, self.user)
# Take a look at the description and key shown on the result page.
page = pq(resp.content)
ok_(data['description'], page.find('.key .description').text())
ok_(key.key, page.find('.key .key').text())
# Ensure the secret on the page checks out.
secret = page.find('.key .secret').text()
ok_(key.check_secret(secret))
def test_list_key(self):
"""The current user's keys should be shown, but only that user's"""
url = reverse('authkeys.list', locale='en-US')
resp = self.client.get(url)
eq_(200, resp.status_code)
page = pq(resp.content)
for ct, key in ((1, self.key1), (1, self.key2), (0, self.key3)):
key_row = page.find('.keys #key-%s' % key.pk)
eq_(ct, key_row.length)
if ct > 0:
eq_(key.description, key_row.find('.description').text())
def test_key_history(self):
# Assemble some sample log lines
log_lines = []
for i in range(0, ITEMS_PER_PAGE * 2):
log_lines.append(('ping', self.user2, 'Number #%s' % i))
# Record the log lines for this key
for l in log_lines:
self.key1.log(*l)
# Reverse the lines for comparison.
log_lines.reverse()
# Iterate through 2 expected pages...
for qs, offset in (('', 0), ('?page=2', ITEMS_PER_PAGE)):
url = '%s%s' % (reverse('authkeys.history', args=(self.key1.pk,),
locale='en-US'), qs)
resp = self.client.get(url)
eq_(200, resp.status_code)
page = pq(resp.content)
rows = page.find('.item')
for idx in range(0, ITEMS_PER_PAGE):
row = rows.eq(idx)
expected = log_lines[idx + offset]
line = (row.find('.action').text(),
row.find('.object').text(),
row.find('.notes').text())
eq_(expected[0], line[0])
ok_('%s' % expected[1] in line[1])
eq_(expected[2], line[2])
def test_delete_key(self):
"""User should be able to delete own keys, but no one else's"""
url = reverse('authkeys.delete', args=(self.key3.pk,),
locale='en-US')
resp = self.client.get(url, follow=True)
eq_(403, resp.status_code)
resp = self.client.post(url, follow=False)
ok_(403, resp.status_code)
url = reverse('authkeys.delete', args=(self.key1.pk,),
locale='en-US')
resp = self.client.get(url, follow=True)
eq_(200, resp.status_code)
page = pq(resp.content)
eq_(self.key1.description, page.find('.key .description').text())
resp = self.client.post(url, follow=False)
ok_(302, resp.status_code)
eq_(0, Key.objects.filter(pk=self.key1.pk).count())
class KeyViewsTest(TestCase):
def setUp(self):
self.username = "******"
self.password = "******"
self.email = "*****@*****.**"
self.user = User(username=self.username, email=self.email)
self.user.set_password(self.password)
self.user.save()
self.user2 = User(username="******", email="*****@*****.**")
self.user2.save()
self.key1 = Key(user=self.user, description="Test Key 1")
self.key1.save()
self.key2 = Key(user=self.user, description="Test Key 2")
self.key2.save()
self.key3 = Key(user=self.user2, description="Test Key 3")
self.key3.save()
self.client = Client()
def tearDown(self):
self.user.delete()
self.user2.delete()
self.key1.delete()
self.key2.delete()
self.key3.delete()
def test_new_key(self):
self.client.login(username=self.username, password=self.password)
data = {"description": "This is meant for a test app"}
url = reverse("authkeys.new", locale="en-US")
# Check out the creation page, look for the form.
resp = self.client.get(url)
eq_(200, resp.status_code)
page = pq(resp.content)
eq_(1, page.find("form.key").length)
# We don't have this key yet, right?
keys = Key.objects.filter(description=data["description"])
eq_(0, keys.count())
# Okay, create it.
resp = self.client.post(url, data, follow=False)
eq_(200, resp.status_code)
# We have the key now, right?
keys = Key.objects.filter(description=data["description"])
eq_(1, keys.count())
# Okay, and it should belong to the logged-in user
key = keys[0]
eq_(key.user, self.user)
# Take a look at the description and key shown on the result page.
page = pq(resp.content)
ok_(data["description"], page.find(".key .description").text())
ok_(key.key, page.find(".key .key").text())
# Ensure the secret on the page checks out.
secret = page.find(".key .secret").text()
ok_(key.check_secret(secret))
def test_list_key(self):
"""The current user's keys should be shown, but only that user's"""
self.client.login(username=self.username, password=self.password)
url = reverse("authkeys.list", locale="en-US")
resp = self.client.get(url)
eq_(200, resp.status_code)
page = pq(resp.content)
for ct, key in ((1, self.key1), (1, self.key2), (0, self.key3)):
key_row = page.find(".keys #key-%s" % key.pk)
eq_(ct, key_row.length)
if ct > 0:
eq_(key.description, key_row.find(".description").text())
def test_key_history(self):
self.client.login(username=self.username, password=self.password)
# Assemble some sample log lines
log_lines = []
for i in range(0, ITEMS_PER_PAGE * 2):
log_lines.append(("ping", self.user2, "Number #%s" % i))
# Record the log lines for this key
for l in log_lines:
self.key1.log(*l)
# Reverse the lines for comparison.
log_lines.reverse()
# Iterate through 2 expected pages...
for qs, offset in (("", 0), ("?page=2", ITEMS_PER_PAGE)):
url = "%s%s" % (reverse("authkeys.history", args=(self.key1.pk,), locale="en-US"), qs)
resp = self.client.get(url)
eq_(200, resp.status_code)
page = pq(resp.content)
rows = page.find(".item")
for idx in range(0, ITEMS_PER_PAGE):
row = rows.eq(idx)
expected = log_lines[idx + offset]
line = (row.find(".action").text(), row.find(".object").text(), row.find(".notes").text())
eq_(expected[0], line[0])
ok_("%s" % expected[1] in line[1])
eq_(expected[2], line[2])
def test_delete_key(self):
"""User should be able to delete own keys, but no one else's"""
self.client.login(username=self.username, password=self.password)
url = reverse("authkeys.delete", args=(self.key3.pk,), locale="en-US")
resp = self.client.get(url, follow=True)
eq_(403, resp.status_code)
resp = self.client.post(url, follow=False)
ok_(403, resp.status_code)
url = reverse("authkeys.delete", args=(self.key1.pk,), locale="en-US")
resp = self.client.get(url, follow=True)
eq_(200, resp.status_code)
page = pq(resp.content)
eq_(self.key1.description, page.find(".key .description").text())
resp = self.client.post(url, follow=False)
ok_(302, resp.status_code)
eq_(0, Key.objects.filter(pk=self.key1.pk).count())
class KeyViewsTest(TestCase):
def setUp(self):
self.username = '******'
self.password = '******'
self.email = '*****@*****.**'
self.user = User(username=self.username, email=self.email)
self.user.set_password(self.password)
self.user.save()
self.user2 = User(username='******', email='*****@*****.**')
self.user2.save()
self.key1 = Key(user=self.user, description='Test Key 1')
self.key1.save()
self.key2 = Key(user=self.user, description='Test Key 2')
self.key2.save()
self.key3 = Key(user=self.user2, description='Test Key 3')
self.key3.save()
self.client = Client()
def tearDown(self):
self.user.delete()
self.user2.delete()
self.key1.delete()
self.key2.delete()
self.key3.delete()
def test_new_key(self):
self.client.login(username=self.username, password=self.password)
data = {"description": "This is meant for a test app"}
url = reverse('authkeys.new', locale='en-US')
# Check out the creation page, look for the form.
resp = self.client.get(url)
eq_(200, resp.status_code)
page = pq(resp.content)
eq_(1, page.find('form.key').length)
# We don't have this key yet, right?
keys = Key.objects.filter(description=data['description'])
eq_(0, keys.count())
# Okay, create it.
resp = self.client.post(url, data, follow=False)
eq_(200, resp.status_code)
# We have the key now, right?
keys = Key.objects.filter(description=data['description'])
eq_(1, keys.count())
# Okay, and it should belong to the logged-in user
key = keys[0]
eq_(key.user, self.user)
# Take a look at the description and key shown on the result page.
page = pq(resp.content)
ok_(data['description'], page.find('.key .description').text())
ok_(key.key, page.find('.key .key').text())
# Ensure the secret on the page checks out.
secret = page.find('.key .secret').text()
ok_(key.check_secret(secret))
def test_list_key(self):
"""The current user's keys should be shown, but only that user's"""
self.client.login(username=self.username, password=self.password)
url = reverse('authkeys.list', locale='en-US')
resp = self.client.get(url)
eq_(200, resp.status_code)
page = pq(resp.content)
for ct, key in ((1, self.key1), (1, self.key2), (0, self.key3)):
key_row = page.find('.keys #key-%s' % key.pk)
eq_(ct, key_row.length)
if ct > 0:
eq_(key.description, key_row.find('.description').text())
def test_key_history(self):
self.client.login(username=self.username, password=self.password)
# Assemble some sample log lines
log_lines = []
for i in range(0, ITEMS_PER_PAGE * 2):
log_lines.append(('ping', self.user2, 'Number #%s' % i))
# Record the log lines for this key
for l in log_lines:
self.key1.log(*l)
# Reverse the lines for comparison.
log_lines.reverse()
# Iterate through 2 expected pages...
for qs, offset in (('', 0), ('?page=2', ITEMS_PER_PAGE)):
url = '%s%s' % (reverse(
'authkeys.history', args=(self.key1.pk, ), locale='en-US'), qs)
resp = self.client.get(url)
eq_(200, resp.status_code)
page = pq(resp.content)
rows = page.find('.item')
for idx in range(0, ITEMS_PER_PAGE):
row = rows.eq(idx)
expected = log_lines[idx + offset]
line = (row.find('.action').text(), row.find('.object').text(),
row.find('.notes').text())
eq_(expected[0], line[0])
ok_('%s' % expected[1] in line[1])
eq_(expected[2], line[2])
def test_delete_key(self):
"""User should be able to delete own keys, but no one else's"""
self.client.login(username=self.username, password=self.password)
url = reverse('authkeys.delete', args=(self.key3.pk, ), locale='en-US')
resp = self.client.get(url, follow=True)
eq_(403, resp.status_code)
resp = self.client.post(url, follow=False)
ok_(403, resp.status_code)
url = reverse('authkeys.delete', args=(self.key1.pk, ), locale='en-US')
resp = self.client.get(url, follow=True)
eq_(200, resp.status_code)
page = pq(resp.content)
eq_(self.key1.description, page.find('.key .description').text())
resp = self.client.post(url, follow=False)
ok_(302, resp.status_code)
eq_(0, Key.objects.filter(pk=self.key1.pk).count())
