def test_post_duplicate_username(self): current_app.config.update(BYPASS_AUTH=False) admin = add_user('Alice', 'password', is_admin=True) user1 = add_user('Bob', 'password', is_admin=False) auth_token = admin.encode_auth_token_by_id().decode() with self.client: user_dict = fake_user_as_dict('Bob', 'secret-password') post_data = json.dumps(user_dict) kw_args = {'data':post_data, 'content_type':'application/json'} response = self.client.post('/api/users', headers={'Authorization': f'Bearer {auth_token}'}, **kw_args) response_data = json.loads(response.data.decode()) self.assertEqual(response.status_code, 400) self.assertIn('dev_message', response_data.keys())
def test_post_new_user_with_admin_priviliges(self): current_app.config.update(BYPASS_AUTH=False) admin = add_user('admin', 'admin', is_admin=True) user = add_user('user', 'user', is_admin=False) auth_token = admin.encode_auth_token_by_id().decode() with self.client: user_dict = fake_user_as_dict('new_user', 'new_user') post_data = json.dumps(user_dict) kw_args = {'data':post_data, 'content_type':'application/json'} response = self.client.post('/api/users', headers={'Authorization': f'Bearer {auth_token}'}, **kw_args) response_data = json.loads(response.data.decode()) self.assertEqual(response.status_code, 201) self.assertIn('success', response_data['status'])
def test_get_without_auth_token(self): current_app.config.update(BYPASS_AUTH=False) admin = add_user('Alice', 'password', is_admin=True) with self.client: response = self.client.get('/api/flightschedules', headers={}) response_data = json.loads(response.data.decode()) self.assertEqual(response.status_code, 401)
def test_decode_auth_token(self): user = add_user('Alice', 'secret-password') auth_token = user.encode_auth_token_by_id() user_id = User.decode_auth_token(auth_token) token_user = User.query.filter_by(id=user_id).first() self.assertEqual(user.id, token_user.id) self.assertEqual(user.username, token_user.username)
def test_logout_invalid_token(self): user = add_user('Nick', 'testing123') auth_token = user.encode_auth_token_by_id() with self.client: response = self.client.get('/api/auth/logout', headers={'Authorization': f'Bearer INVALIDTOKEN'}) response_data = json.loads(response.data.decode()) self.assertEqual(response.status_code, 401) self.assertIn('fail', response_data['status'])
def test_logout_happy(self): user = add_user('Nick', 'testing123') auth_token = user.encode_auth_token_by_id().decode() with self.client: response = self.client.get('/api/auth/logout', headers={'Authorization': f'Bearer {auth_token}'}) response_data = json.loads(response.data.decode()) self.assertEqual(response.status_code, 200) self.assertIn('success', response_data['status'])
def test_get_with_auth_token(self): current_app.config.update(BYPASS_AUTH=False) user = add_user('Alice', 'password', is_admin=False) auth_token = user.encode_auth_token_by_id().decode() with self.client: response = self.client.get('/api/flightschedules', headers={'Authorization': f'Bearer {auth_token}'}) response_data = json.loads(response.data.decode()) self.assertEqual(response.status_code, 200)
def test_logout_expired_token(self): current_app.config['TOKEN_EXPIRATION_SECONDS'] = -1 user = add_user('Nick', 'testing123') auth_token = user.encode_auth_token_by_id().decode() with self.client: response = self.client.get('/api/auth/logout', headers={'Authorization': f'Bearer {auth_token}'}) response_data = json.loads(response.data.decode()) self.assertEqual(response.status_code, 401) self.assertIn('fail', response_data['status']) self.assertIn('Signature expired. Please log in again.', response_data['message'])
def test_login_invalid_username(self): user = add_user('Nick', 'testing123') with self.client: login_data = {'username':'******', 'password':'******'} post_data = json.dumps(login_data) kw_args = {'data':post_data, 'content_type':'application/json'} response = self.client.post('/api/auth/login', **kw_args) response_data = json.loads(response.data.decode()) self.assertEqual(response.status_code, 400) self.assertIn('fail', response_data['status']) self.assertIn('Username and/or password is incorrect', response_data['message'])
def test_login_happy(self): user = add_user('Nick', 'testing123') with self.client: login_data = {'username':'******', 'password':'******'} post_data = json.dumps(login_data) kw_args = {'data':post_data, 'content_type':'application/json'} response = self.client.post('/api/auth/login', **kw_args) response_data = json.loads(response.data.decode()) self.assertEqual(response.status_code, 200) self.assertIn('success', response_data['status']) auth_token = response_data.get('auth_token') self.assertTrue(auth_token is not None)
def test_post_as_unauthenticated_user(self): current_app.config.update(BYPASS_AUTH=False) user = add_user('Bob', 'password', is_admin=False) auth_token = user.encode_auth_token_by_id().decode() test_message = fake_message_as_dict(sender='Bob') test_message['timestamp'] = str(test_message['timestamp']) with self.client: response = self.client.post( '/api/communications', data=json.dumps(test_message), content_type='application/json' ) data=json.loads(response.data.decode()) self.assertEqual(response.status_code, 401)
def test_post_with_invalid_token(self): current_app.config.update(BYPASS_AUTH=False) user = add_user('Bob', 'password', is_admin=False) auth_token = "uydbisjanxsifbinewkrnieuwd" test_message = fake_message_as_dict(sender='Bob') test_message['timestamp'] = str(test_message['timestamp']) with self.client: response = self.client.post( '/api/communications', headers={'Authorization': f'Bearer {auth_token}'}, data=json.dumps(test_message), content_type='application/json' ) data=json.loads(response.data.decode()) self.assertEqual(response.status_code, 401)
def test_unique_username_constraint(self): user1 = add_user('Alice', 'null') self.assertRaises(exc.IntegrityError, add_user, 'Alice', 'null')
def test_logout_no_token(self): user = add_user('Nick', 'testing123') with self.client: response = self.client.get('/api/auth/logout') response_data = json.loads(response.data.decode()) self.assertEqual(response.status_code, 401)
def test_password_hashes_are_random(self): user1 = add_user('Alice', 'password1') user2 = add_user('Bob', 'password2') self.assertNotEqual(user1.password_hash, user2.password_hash)
def test_encode_auth_token(self): user = add_user('Alice', 'secret-password') auth_token = user.encode_auth_token_by_id() self.assertTrue(isinstance(auth_token, bytes))
def setUp(self): self.driver = webdriver.Firefox() self.driver.get(self.get_server_url()) db.drop_all() db.create_all() db.session.commit() # seed the database for testing timestamp = datetime.fromtimestamp(1570749472) for i in range(20): housekeepingData = fakeHousekeepingAsDict(timestamp + timedelta( minutes=i * 15)) housekeeping = Housekeeping(**housekeepingData) for i in range(1, 25): channel = fake_power_channel_as_dict(i) p = PowerChannels(**channel) housekeeping.channels.append(p) db.session.add(housekeeping) db.session.commit() commands = { 'ping': (0, False), 'get-hk': (0, False), 'turn-on': (1, True), 'turn-off': (1, True), 'set-fs': (1, True), 'upload-fs': (0, False) } for name, (num_args, is_danger) in commands.items(): c = add_telecommand(command_name=name, num_arguments=num_args, is_dangerous=is_danger) command = Telecommands.query.filter_by(command_name='ping').first() flightschedule = add_flight_schedule(creation_date=timestamp, upload_date=timestamp, status=2, execution_time=timestamp) flightschedule_commands = add_command_to_flightschedule( timestamp=timestamp, flightschedule_id=flightschedule.id, command_id=command.id) add_user(username='******', password='******', is_admin=True) add_user(username='******', password='******', is_admin=False) add_user(username='******', password='******', is_admin=False) command = Telecommands.query.filter_by(command_name='turn-on').first() flightschedule_commands = add_command_to_flightschedule( timestamp=timestamp, flightschedule_id=flightschedule.id, command_id=command.id) flightschedulecommand_arg = add_arg_to_flightschedulecommand( index=0, argument='5', flightschedule_command_id=flightschedule_commands.id) message = add_message_to_communications(timestamp=timestamp, message='ping', sender='user', receiver='comm') now = datetime.utcnow() add_passover(timestamp=now - timedelta(seconds=10)) for i in range(1, 20): p = add_passover(timestamp=now + timedelta(minutes=i * 5)) db.session.commit()
def seed_db(): """Seed the database with a set of users and flight schedules """ timestamp = datetime.fromtimestamp(1570749472) for x in range(20): # 20 days for y in range(3): # 3 entries per day housekeepingData = fakeHousekeepingAsDict( timestamp + timedelta(days=x, minutes=y * 15)) if (x + y) % 10 == 0: housekeepingData['satellite_mode'] = 'Danger' housekeeping = Housekeeping(**housekeepingData) for i in range(1, 25): channel = fake_power_channel_as_dict(i) p = PowerChannels(**channel) housekeeping.channels.append(p) db.session.add(housekeeping) db.session.commit() commands = { 'ping': (0, False), 'get-hk': (0, False), 'turn-on': (1, True), 'turn-off': (1, True), 'upload-fs': (0, False), 'adjust-attitude': (1, True), 'magnetometer': (0, False), 'imaging': (0, False) } for name, (num_args, is_danger) in commands.items(): c = add_telecommand(command_name=name, num_arguments=num_args, is_dangerous=is_danger) command = Telecommands.query.filter_by(command_name='ping').first() flightschedule = add_flight_schedule(creation_date=timestamp, upload_date=timestamp, status=2, execution_time=timestamp) flightschedule_commands = add_command_to_flightschedule( timestamp=timestamp, flightschedule_id=flightschedule.id, command_id=command.id) add_user(username='******', password='******', is_admin=True) add_user(username='******', password='******', is_admin=False) add_user(username='******', password='******', is_admin=False) add_user(username='******', password='******', is_admin=False) add_user(username='******', password='******', is_admin=True) command = Telecommands.query.filter_by(command_name='turn-on').first() flightschedule_commands = add_command_to_flightschedule( timestamp=timestamp, flightschedule_id=flightschedule.id, command_id=command.id) flightschedulecommand_arg = add_arg_to_flightschedulecommand( index=0, argument='5', flightschedule_command_id=flightschedule_commands.id) message = add_message_to_communications(timestamp=timestamp, message='ping', sender='user', receiver='comm') now = datetime.utcnow() add_passover(timestamp=now - timedelta(seconds=10)) for i in range(1, 20): p = add_passover(timestamp=now + timedelta(minutes=i * 5))
def demo_db(): timestamp = datetime.fromtimestamp(1570749472) time2 = datetime.fromisoformat('2019-11-04 00:05:23.283+00:00') #time3 = datetime.fromisoformat('2019-11-05 00:08:43.203+00:00') #time4 = datetime.fromisoformat('2019-11-05 00:15:20.118+00:00') housekeepingData = fakeHousekeepingAsDict(timestamp) hkd2 = fakeHousekeepingAsDict(time2) #hkd3 = fakeHousekeepingAsDict(time3) #hkd4 = fakeHousekeepingAsDict(time4) housekeeping = Housekeeping(**housekeepingData) hk2 = Housekeeping(**hkd2) #hk3 = Housekeeping(**hkd3) #hk4 = Housekeeping(**hkd4) db.session.add(housekeeping) db.session.add(hk2) #db.session.add(hk3) #db.session.add(hk4) db.session.commit() add_user(username='******', password='******', is_admin=True) add_user(username='******', password='******', is_admin=True) add_user(username='******', password='******', is_admin=False) add_user(username='******', password='******', is_admin=False) add_user(username='******', password='******', is_admin=False) add_user(username='******', password='******', is_admin=False) add_user(username='******', password='******', is_admin=False) commands = { 'ping': (0, False), 'get-hk': (0, False), 'turn-on': (1, True), 'turn-off': (1, True), 'set-fs': (1, True), 'upload-fs': (0, False) } for name, (num_args, is_danger) in commands.items(): c = add_telecommand(command_name=name, num_arguments=num_args, is_dangerous=is_danger) command = Telecommands.query.filter_by(command_name='ping').first() flightschedule = add_flight_schedule(creation_date=timestamp, upload_date=timestamp, status=2) flightschedule_commands = add_command_to_flightschedule( timestamp=timestamp, flightschedule_id=flightschedule.id, command_id=command.id) command = Telecommands.query.filter_by(command_name='turn-on').first() flightschedule_commands = add_command_to_flightschedule( timestamp=timestamp, flightschedule_id=flightschedule.id, command_id=command.id) flightschedulecommand_arg = add_arg_to_flightschedulecommand( index=0, argument='5', flightschedule_command_id=flightschedule_commands.id) message = add_message_to_communications(timestamp=timestamp, message='ping', sender='user', receiver='comm') command = Telecommands.query.filter_by(command_name='ping').first() flightschedule = add_flight_schedule(creation_date=time2, upload_date=time2, status=2) flightschedule_commands = add_command_to_flightschedule( timestamp=time2, flightschedule_id=flightschedule.id, command_id=command.id) flightschedulecommand_arg = add_arg_to_flightschedulecommand( index=1, argument='5', flightschedule_command_id=flightschedule_commands.id) message = add_message_to_communications(timestamp=time2, message='ping', sender='user', receiver='comm') now = datetime.utcnow() add_passover(timestamp=now - timedelta(seconds=10)) for i in range(5): add_passover(timestamp=now + timedelta(minutes=i * 10))