def test_accounts_get_all():
# superuser & read perms
dummy_accounts_fn.__module__ = "accounts"
dummy_accounts_fn.__name__ = "get"
for perms in perms_list:
config.add_token("TESTING_token", username, perms)
if perms.get("read") and perms.get("superuser"):
has_access = 200
else:
has_access = 401
output, ret_code = accounts_decorator(dummy_accounts_fn)()
assert has_access == ret_code
def test_course_details_delete():
# Superuser and write perms
dummy_access_fn.__module__ = "course_details"
dummy_access_fn.__name__ = "delete"
for perms in perms_list:
config.add_token("TESTING_token", username, perms)
if perms.get("write") and perms.get("superuser"):
has_access = 200
else:
has_access = 401
output, ret_code = access_decorator(dummy_access_fn)()
assert has_access == ret_code
def test_gpa_cards_get():
# Levels and read perms
dummy_access_fn.__module__ = "gpa_cards"
dummy_access_fn.__name__ = "get"
for perms in perms_list:
config.add_token("TESTING_token", username, perms)
if perms.get("read") and (400 in perms.get("levels", [])
or perms.get("superuser")):
has_access = 200
else:
has_access = 401
output, ret_code = access_decorator(dummy_access_fn)(level=400)
assert has_access == ret_code
def login(token):
try:
user = detokenize(token['token'])
stored_user = User.query.filter_by(username=user['username']).first()
if bcrypt.check_password_hash(stored_user.password, user['password']):
token_dict = {'token': token['token']}
add_token(token['token'], stored_user.username, loads(stored_user.permissions))
token_dict['title'] = stored_user.title
log(user['username'], 'users.login', login, [], [])
return token_dict, 200
return None, 401
except Exception:
return None, 401
def test_senate_version_get():
# superuser and read perms
dummy_accounts_fn.__module__ = "senate_version"
dummy_accounts_fn.__name__ = "get"
for perms in perms_list:
config.add_token("TESTING_token", username, perms)
if perms.get("read") and perms.get("superuser"):
has_access = 200
else:
has_access = 401
output, ret_code = accounts_decorator(dummy_accounts_fn)(
acad_session=2019)
assert has_access == ret_code
def test_accounts_get_managed():
# usernames and read perms
dummy_accounts_fn.__module__ = "accounts"
dummy_accounts_fn.__name__ = "get"
for perms in perms_list:
config.add_token("TESTING_token", username, perms)
if perms.get("read") and (perms.get("superuser")
or "lordfme" in perms.get("usernames", [])):
has_access = 200
else:
has_access = 401
output, ret_code = accounts_decorator(dummy_accounts_fn)(
username="******")
assert has_access == ret_code
def test_course_reg_init_new():
# Levels and read perms
dummy_access_fn.__module__ = "course_reg"
dummy_access_fn.__name__ = "init_new"
for perms in perms_list:
config.add_token("TESTING_token", username, perms)
if perms.get("read") and (400 in perms.get("levels", [])
or perms.get("superuser")):
has_access = 200
else:
has_access = 401
output, ret_code = access_decorator(dummy_access_fn)(
mat_no=student_400, acad_session=2019)
assert has_access == ret_code
def test_personal_info_post():
# Levels & write perms
dummy_access_fn.__module__ = "personal_info"
dummy_access_fn.__name__ = "post_exp"
student_data = {"mat_no": "ENG1603123", "level": 400}
for perms in perms_list:
config.add_token("TESTING_token", username, perms)
if perms.get("write") and (student_data["level"] in perms.get(
"levels", []) or perms.get("superuser")):
has_access = 200
else:
has_access = 401
output, ret_code = access_decorator(dummy_access_fn)(data=student_data)
assert has_access == ret_code
def test_personal_info_get():
# Levels & read perms
dummy_access_fn.__module__ = "personal_info"
dummy_access_fn.__name__ = "get_exp"
for perms in perms_list:
config.add_token("TESTING_token", username, perms)
if perms.get("read") and (400 in perms.get("levels", [])
or perms.get("superuser")):
has_access = 200
else:
has_access = 401
output, ret_code = access_decorator(dummy_access_fn)(
mat_no=student_400)
assert has_access == ret_code
def test_accounts_put():
# superuser and write perms
dummy_accounts_fn.__module__ = "accounts"
dummy_accounts_fn.__name__ = "patch"
for perms in perms_list:
config.add_token("TESTING_token", username, perms)
if perms.get("write") and perms.get("superuser"):
has_access = 200
else:
has_access = 401
output, ret_code = accounts_decorator(dummy_accounts_fn)(
data={
"username": username
}, superuser=True)
assert has_access == ret_code
def test_course_reg_put():
# Superuser and write perms
dummy_access_fn.__module__ = "course_reg"
dummy_access_fn.__name__ = "put"
for perms in perms_list:
config.add_token("TESTING_token", username, perms)
if perms.get("write") and perms.get("superuser"):
has_access = 200
else:
has_access = 401
output, ret_code = access_decorator(dummy_access_fn)(
data={
"mat_no": student_400
})
assert has_access == ret_code
def test_accounts_manage_other():
# usernames and write perms
dummy_accounts_fn.__module__ = "accounts"
dummy_accounts_fn.__name__ = "patch"
for perms in perms_list:
config.add_token("TESTING_token", username, perms)
if perms.get("write") and (perms.get("superuser")
or "lordfme" in perms.get("usernames", [])):
has_access = 200
else:
has_access = 401
output, ret_code = accounts_decorator(dummy_accounts_fn)(
data={
"username": "******"
})
assert has_access == ret_code
def test_setup_env():
config.add_token("TESTING_token", "users_test", {})
def test_setup_env():
config.add_token("TESTING_token", "accounts_test", perms)
delete_account(acct_base["username"])
def test_setup_env():
config.add_token("TESTING_token", "coursedetails_test", {"superuser":True, "write": True, "read": True})
cur.execute(*sql_del_course())
cur.execute(*sql_del_course(inv_crs_val_2[0]))
conn.commit()
def test_setup_env():
config.add_token("TESTING_token", "personalinfo_test", perms)
delete_student("ENGTESTING")
def test_add_token():
config.add_token(*my_token)
assert token in config.tokens
assert config.tokens[token].get("user") == user
assert config.tokens[token].get("perms") == perms
config.tokens.pop(token)
