Example #1
def test_put_role_success(client, database, cleanup):
    """PUT /roles/1 with a validly signed token returns 200 and a success message.

    Seeds the admin role, the owner role and ``user_2``, then authenticates
    with a token carrying ``{"id": 1}`` signed with the app's ``SECRET_KEY``.
    """
    # Insert order is kept as admin, owner, then the user.
    for role_args in (admin_role, owner_role):
        database.session.add(create_role(*role_args))
    database.session.add(create_user(*user_2))
    database.session.commit()

    # NOTE(review): .decode() assumes jwt.encode() returns bytes (PyJWT 1.x
    # behaviour, if `jwt` is PyJWT); 2.x returns str -- confirm the pinned version.
    signed = jwt.encode({"id": 1}, app.config["SECRET_KEY"])
    auth_headers = {"token": signed.decode("UTF-8")}

    # NOTE(review): this only covers the allowed path; nothing here shows which
    # permission authorises the update, so a denied-caller test should sit beside it.
    response = client.put(
        "/roles/1",
        data=dumps(payload),
        content_type="application/json",
        headers=auth_headers,
    )

    assert response.status_code == 200
    assert response.get_json() == {"msg": "Role updated successfully!"}
Example #2
def test_get_role_success(client, database, cleanup):
    """GET /roles/1 with a valid token returns the first seeded role in full.

    The user role is inserted first and the expected body has ``"id": 1`` and
    ``"name": "User"`` with every permission flag set to ``False``.
    """
    # Insert order matters for the ids asserted below: user role, then admin role.
    for role_args in (user_role, admin_role):
        database.session.add(create_role(*role_args))
    database.session.add(create_user(*user_2))
    database.session.commit()

    # NOTE(review): .decode() assumes jwt.encode() returns bytes (PyJWT 1.x
    # behaviour, if `jwt` is PyJWT); 2.x returns str -- confirm the pinned version.
    signed = jwt.encode({"id": 1}, app.config["SECRET_KEY"])
    auth_headers = {"token": signed.decode("UTF-8")}
    response = client.get("/roles/1", headers=auth_headers)

    expected_body = {
        "id": 1,
        "name": "User",
        "can_triage_requests": False,
        "can_edit_settings": False,
        "can_create_users": False,
        "can_create_groups": False,
        "can_edit_roles": False,
        "can_manage_infrastructure": False,
        "can_upload_data": False,
    }
    assert response.status_code == 200
    assert response.get_json() == expected_body
Example #3
def test_delete_role_missing_token(client, database, cleanup):
    """DELETE /roles/2 without any auth header is rejected with 400.

    Seeds the owner role, the admin role and ``user_1`` so that a role with
    id 2 exists; the request carries an empty header dict.
    """
    for role_args in (owner_role, admin_role):
        database.session.add(create_role(*role_args))
    database.session.add(create_user(*user_1))
    database.session.commit()

    # The API answers a missing token with 400 ("Missing request key!"), not 401.
    # NOTE(review): the test does not check that role 2 still exists afterwards;
    # asserting that would prove the rejected request had no side effect.
    no_headers = {}
    response = client.delete(
        "/roles/2", content_type="application/json", headers=no_headers
    )

    assert response.status_code == 400
    assert response.get_json()["error"] == "Missing request key!"
Example #4
def test_put_role_missing_token(client, database, cleanup):
    """PUT /roles/1 without any auth header is rejected with 400.

    Only ``user_1`` is seeded; no role is created, so the request is expected
    to fail on the missing token before any role lookup matters.
    """
    database.session.add(create_user(*user_1))
    database.session.commit()

    # The API answers a missing token with 400 ("Missing request key!"), not 401.
    no_headers = {}
    response = client.put(
        "/roles/1",
        data=dumps(payload),
        headers=no_headers,
        content_type="application/json",
    )

    assert response.status_code == 400
    assert response.get_json()["error"] == "Missing request key!"
Example #5
def test_post_role_bad_data(client, database, cleanup):
    """POST /roles with a malformed JSON body returns 400.

    The caller is authenticated with a validly signed token, so the 400 is
    attributable to the body (``"{bad"``) rather than to the credentials.
    """
    database.session.add(create_user(*user_1))
    database.session.commit()

    # NOTE(review): .decode() assumes jwt.encode() returns bytes (PyJWT 1.x
    # behaviour, if `jwt` is PyJWT); 2.x returns str -- confirm the pinned version.
    signed = jwt.encode({"id": 1}, app.config["SECRET_KEY"])
    auth_headers = {"token": signed.decode("UTF-8")}

    # NOTE(review): only the status code is checked; the error payload is not,
    # so a 400 raised for a different reason would also pass.
    response = client.post(
        "/roles",
        data="{bad",
        headers=auth_headers,
        content_type="application/json",
    )

    assert response.status_code == 400
Example #6
def test_post_role_invalid_token(client, database, cleanup):
    """POST /roles with a correctly signed token that lacks ``id`` returns 403.

    The token is signed with the app's real ``SECRET_KEY`` but its payload is
    ``{"asdsadad": 124356}``, so this exercises claim validation rather than
    signature verification.
    """
    database.session.add(create_user(*user_1))
    database.session.commit()

    # Valid signature, unusable claims: there is no "id" key in the payload.
    # NOTE(review): .decode() assumes jwt.encode() returns bytes (PyJWT 1.x
    # behaviour, if `jwt` is PyJWT); 2.x returns str -- confirm the pinned version.
    signed = jwt.encode({"asdsadad": 124356}, app.config["SECRET_KEY"])
    auth_headers = {"token": signed.decode("UTF-8")}

    response = client.post(
        "/roles",
        data=dumps(payload),
        content_type="application/json",
        headers=auth_headers,
    )

    assert response.status_code == 403
    assert response.get_json()["error"] == "Invalid credentials!"
Example #7
def test_delete_role_invalid_token(client, database, cleanup):
    """DELETE /roles/2 with a token signed by the wrong key returns 403.

    The payload ``{"id": 1}`` is well-formed, but the token is signed with a
    literal string instead of the app's ``SECRET_KEY``, so this exercises
    signature verification.
    """
    for role_args in (owner_role, admin_role):
        database.session.add(create_role(*role_args))
    database.session.add(create_user(*user_1))
    database.session.commit()

    # Deliberately not app.config["SECRET_KEY"]: the signature must not verify.
    # NOTE(review): .decode() assumes jwt.encode() returns bytes (PyJWT 1.x
    # behaviour, if `jwt` is PyJWT); 2.x returns str -- confirm the pinned version.
    forged = jwt.encode({"id": 1}, "213p4u4trgsvczxnwdaere67yiukyhj")
    auth_headers = {"token": forged.decode("UTF-8")}

    # NOTE(review): the test does not check that role 2 still exists afterwards;
    # asserting that would prove the rejected request had no side effect.
    response = client.delete(
        "/roles/2", content_type="application/json", headers=auth_headers
    )

    assert response.status_code == 403
    assert response.get_json()["error"] == "Invalid credentials!"
Example #8
def test_get_all_roles_success(client, database, cleanup):
    """GET /roles with valid credentials returns every seeded role, in id order.

    Seeds the user role (id 1) and the admin role (id 2) plus ``user_2``. The
    request sends both a ``private-key`` header and a signed ``token`` header.
    """
    # Insert order fixes the ids asserted below: user role, then admin role.
    for role_args in (user_role, admin_role):
        database.session.add(create_role(*role_args))
    database.session.add(create_user(*user_2))
    database.session.commit()

    # NOTE(review): .decode() assumes jwt.encode() returns bytes (PyJWT 1.x
    # behaviour, if `jwt` is PyJWT); 2.x returns str -- confirm the pinned version.
    signed = jwt.encode({"id": 1}, app.config["SECRET_KEY"])

    # NOTE(review): the "private-key" value is hard-coded in the test. Confirm
    # it is a throwaway fixture value and is not shared with any deployed
    # environment; if it is real, rotate it and load it from test config instead.
    auth_headers = {
        "private-key":
        "3c777d6e1cece1e78aa9c26ae7fa2ecf33a6d3fb1db7c1313e7b79ef3ee884eb",
        "token": signed.decode("UTF-8"),
    }
    response = client.get("/roles", headers=auth_headers)

    expected_user_role = {
        "can_create_groups": False,
        "can_create_users": False,
        "can_edit_roles": False,
        "can_edit_settings": False,
        "can_manage_infrastructure": False,
        "can_triage_requests": False,
        "can_upload_data": False,
        "id": 1,
        "name": "User",
    }
    expected_admin_role = {
        "can_create_groups": True,
        "can_create_users": True,
        "can_edit_roles": False,
        "can_edit_settings": True,
        "can_manage_infrastructure": False,
        "can_triage_requests": True,
        "can_upload_data": True,
        "id": 2,
        "name": "Administrator",
    }

    assert response.status_code == 200
    assert response.get_json() == [expected_user_role, expected_admin_role]
Example #9
def test_get_all_roles_missing_token(client, database, cleanup):
    """GET /roles without any auth header yields the "Missing request key!" error.

    Seeds the admin role, the owner role and ``user_2``; the request carries an
    empty header dict. Only the error message is asserted.
    """
    for role_args in (admin_role, owner_role):
        database.session.add(create_role(*role_args))
    database.session.add(create_user(*user_2))
    database.session.commit()

    no_headers = {}
    response = client.get(
        "/roles",
        data=dumps(payload),
        headers=no_headers,
        content_type="application/json",
    )

    # NOTE(review): the status-code assertion is disabled, so this test passes
    # for any status as long as the body has the expected "error" string. The
    # sibling missing-token tests assert 400; find out why this one was turned
    # off and re-enable it, or assert the status the endpoint really returns.
    # assert result.status_code == 400
    assert response.get_json()["error"] == "Missing request key!"
Example #10
def test_delete_role_success(client, database, cleanup):
    """DELETE /roles/2 with a valid token returns 200 and a confirmation message.

    Seeds the owner role first and the user role second, so the role being
    deleted (id 2) is the user role; ``user_1`` is the authenticated caller.
    """
    # Insert order fixes the ids: owner role, then user role.
    for role_args in (owner_role, user_role):
        database.session.add(create_role(*role_args))
    database.session.add(create_user(*user_1))
    database.session.commit()

    # NOTE(review): .decode() assumes jwt.encode() returns bytes (PyJWT 1.x
    # behaviour, if `jwt` is PyJWT); 2.x returns str -- confirm the pinned version.
    signed = jwt.encode({"id": 1}, app.config["SECRET_KEY"])
    auth_headers = {"token": signed.decode("UTF-8")}

    # NOTE(review): only the response is checked; the test does not confirm the
    # role row is actually gone, nor that a caller without the right permission
    # is refused.
    response = client.delete("/roles/2", headers=auth_headers)

    assert response.status_code == 200
    assert response.get_json() == {"msg": "Role has been deleted!"}
Example #11
def test_delete_role_success(client, database, cleanup):
    """DELETE /roles/2 with valid credentials returns 204 (no body).

    Seeds the owner role first and the user role second, so the role being
    deleted (id 2) is the user role. The request sends both a ``private-key``
    header and a signed ``token`` header.
    """
    # Insert order fixes the ids: owner role, then user role.
    for role_args in (owner_role, user_role):
        database.session.add(create_role(*role_args))
    database.session.add(create_user(*user_1))
    database.session.commit()

    # NOTE(review): .decode() assumes jwt.encode() returns bytes (PyJWT 1.x
    # behaviour, if `jwt` is PyJWT); 2.x returns str -- confirm the pinned version.
    signed = jwt.encode({"id": 1}, app.config["SECRET_KEY"])

    # NOTE(review): the "private-key" value is hard-coded in the test. Confirm
    # it is a throwaway fixture value and is not shared with any deployed
    # environment; if it is real, rotate it and load it from test config instead.
    auth_headers = {
        "private-key":
        "3c777d6e1cece1e78aa9c26ae7fa2ecf33a6d3fb1db7c1313e7b79ef3ee884eb",
        "token": signed.decode("UTF-8"),
    }
    response = client.delete("/roles/2", headers=auth_headers)

    # A 204 has no body, so the status code is the only thing checked here.
    assert response.status_code == 204
Example #12
def test_put_role_invalid_token(client, database, cleanup):
    """PUT /roles/1 with a token signed by the wrong key returns 403.

    The payload ``{"id": 1}`` is well-formed, but the token is signed with a
    literal string instead of the app's ``SECRET_KEY``, so this exercises
    signature verification.
    """
    seeded_role = create_role(*owner_role)
    seeded_user = create_user(*user_1)
    database.session.add(seeded_role)
    database.session.add(seeded_user)
    database.session.commit()

    # Deliberately not app.config["SECRET_KEY"]: the signature must not verify.
    # NOTE(review): .decode() assumes jwt.encode() returns bytes (PyJWT 1.x
    # behaviour, if `jwt` is PyJWT); 2.x returns str -- confirm the pinned version.
    forged = jwt.encode({"id": 1}, "1029382trytdfsvcbxz")
    auth_headers = {"token": forged.decode("UTF-8")}

    # NOTE(review): the test does not check that role 1 is unchanged afterwards;
    # asserting that would prove the rejected request had no side effect.
    response = client.put(
        "/roles/1",
        data=dumps(payload),
        headers=auth_headers,
        content_type="application/json",
    )

    assert response.status_code == 403
    assert response.get_json()["error"] == "Invalid credentials!"
Example #13
def test_get_all_roles_invalid_token(client, database, cleanup):
    """GET /roles with a token signed by the wrong key returns 403.

    The payload ``{"id": 1}`` is well-formed, but the token is signed with a
    literal string instead of the app's ``SECRET_KEY``, so this exercises
    signature verification on the listing endpoint.
    """
    for role_args in (admin_role, owner_role):
        database.session.add(create_role(*role_args))
    database.session.add(create_user(*user_2))
    database.session.commit()

    # Deliberately not app.config["SECRET_KEY"]: the signature must not verify.
    # NOTE(review): .decode() assumes jwt.encode() returns bytes (PyJWT 1.x
    # behaviour, if `jwt` is PyJWT); 2.x returns str -- confirm the pinned version.
    forged = jwt.encode({"id": 1}, "totally a secret, trust me")
    auth_headers = {"token": forged.decode("UTF-8")}

    response = client.get(
        "/roles",
        data=dumps(payload),
        headers=auth_headers,
        content_type="application/json",
    )

    assert response.status_code == 403
    assert response.get_json()["error"] == "Invalid credentials!"
Example #14
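def test_post_role_success(client, database, cleanup):
    """POST /roles with a valid token and a well-formed payload returns 204.

    Seeds the admin role, the owner role and ``user_2``, then authenticates
    with a token carrying ``{"id": 1}`` signed with the app's ``SECRET_KEY``.
    """
    # Two roles exist before the request, so a newly created one would get id 3.
    for role_args in (admin_role, owner_role):
        database.session.add(create_role(*role_args))
    database.session.add(create_user(*user_2))
    database.session.commit()

    # NOTE(review): .decode() assumes jwt.encode() returns bytes (PyJWT 1.x
    # behaviour, if `jwt` is PyJWT); 2.x returns str -- confirm the pinned version.
    token = jwt.encode({"id": 1}, app.config["SECRET_KEY"])
    headers = {
        "token": token.decode("UTF-8"),
    }
    result = client.post(
        "/roles",
        data=dumps(payload),
        content_type="application/json",
        headers=headers,
    )

    # The original built an `expected_role` dict (payload plus id 3) but never
    # compared it with anything; that dead code is removed. A 204 carries no
    # body, so the status code is all this test can check from the response.
    # NOTE(review): nothing verifies that the role was stored with the fields
    # from `payload`; reading the new role back after the POST would close
    # that gap.
    assert result.status_code == 204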