def test_create_token_with_audit(self, record):
request = self.make_request(user=self.user, method="GET")
api_token = Creator.run(
sentry_app_installation=self.sentry_app_installation,
user=self.user,
generate_audit=True,
request=request,
)
# verify token was created properly
assert api_token.expires_at is None
assert api_token.application == self.sentry_app.application
assert api_token.user == self.sentry_app.proxy_user
# check we have two tokens
sentry_app_installation_tokens = SentryAppInstallationToken.objects.filter(
sentry_app_installation=self.sentry_app_installation
)
assert len(sentry_app_installation_tokens) == 2
log = AuditLogEntry.objects.get(organization=self.org)
assert log.get_note() == "created a token for internal integration internal_app"
assert log.organization == self.org
assert log.target_object == api_token.id
record.assert_called_with(
"sentry_app_installation_token.created",
user_id=self.user.id,
organization_id=self.org.id,
sentry_app_installation_id=self.sentry_app_installation.id,
sentry_app=self.sentry_app.slug,
)
def test_create_token_without_audit_or_date(self, record, create_audit_entry):
request = self.make_request(user=self.user, method="GET")
api_token = Creator.run(
sentry_app_installation=self.sentry_app_installation, user=self.user, request=request
)
# verify token was created properly
assert api_token.expires_at is None
# check we have two tokens
sentry_app_installation_tokens = SentryAppInstallationToken.objects.filter(
sentry_app_installation=self.sentry_app_installation
)
assert len(sentry_app_installation_tokens) == 2
assert not create_audit_entry.called
record.assert_called_with(
"sentry_app_installation_token.created",
user_id=self.user.id,
organization_id=self.org.id,
sentry_app_installation_id=self.sentry_app_installation.id,
sentry_app=self.sentry_app.slug,
)
def test_create_token_with_audit(self, record):
today = date.today()
request = self.make_request(user=self.user, method='GET')
sentry_app_installation_token = Creator.run(
sentry_app_installation=self.sentry_app_installation,
expires_at=today,
user=self.user,
generate_audit=True,
request=request)
# verify token was created properly
assert sentry_app_installation_token.api_token.expires_at == today
# check we have two tokens
sentry_app_installation_tokens = SentryAppInstallationToken.objects.filter(
sentry_app_installation=self.sentry_app_installation)
assert len(sentry_app_installation_tokens) == 2
log = AuditLogEntry.objects.get(organization=self.org)
assert log.get_note(
) == 'created a token for internal integration nulldb'
assert log.organization == self.org
assert log.target_object == sentry_app_installation_token.api_token.id
record.assert_called_with(
'sentry_app_installation_token.created',
user_id=self.user.id,
organization_id=self.org.id,
sentry_app_installation_id=self.sentry_app_installation.id,
sentry_app=self.sentry_app.slug,
)
def post(self, request, sentry_app):
if not sentry_app.is_internal:
return Response(
"This route is limited to internal integrations only",
status=status.HTTP_403_FORBIDDEN,
)
sentry_app_installation = SentryAppInstallation.objects.get(
sentry_app=sentry_app)
try:
api_token = Creator.run(
request=request,
sentry_app_installation=sentry_app_installation,
user=request.user)
except ApiTokenLimitError as e:
return Response(e.message, status=status.HTTP_403_FORBIDDEN)
# hack so the token is included in the response
attrs = {"application": None}
token = ApiTokenSerializer().serialize(api_token, attrs, request.user)
if not sentry_app.show_auth_info(request.access):
token["token"] = MASKED_VALUE
token["refreshToken"] = MASKED_VALUE
return Response(token, status=201)
def _create_access_token(self):
data = {'sentry_app_installation': self.install, 'user': self.user}
sentry_app_installation_token = SentryAppInstallationTokenCreator.run(
request=self.request, **data)
self.install.api_token = sentry_app_installation_token.api_token
self.install.save()
def test_create_token(self):
today = date.today()
api_token = Creator.run(
sentry_app_installation=self.sentry_app_installation, expires_at=today, user=self.user
)
# verify token was created properly
assert api_token.expires_at == today
assert api_token.scope_list == ["org:write", "team:admin"]
def post(self, request, sentry_app):
if not sentry_app.is_internal:
return Response('This route is limited to internal integrations only',
status=status.HTTP_403_FORBIDDEN
)
sentry_app_installation = SentryAppInstallation.objects.get(sentry_app=sentry_app)
try:
api_token = Creator.run(
request=request,
sentry_app_installation=sentry_app_installation,
user=request.user,
)
except ApiTokenLimitError as e:
return Response(e.message, status=status.HTTP_403_FORBIDDEN)
# hack so the token is included in the response
attrs = {
'application': None,
}
return Response(ApiTokenSerializer().serialize(api_token, attrs, request.user), status=201)
