def test_login_fails_demo_project_admin(self): # Admin role on demo project, but missing the admin project (self.user, password) = create_user({'demo': 'admin'}, {'Default': 'admin'}) with self.assertRaisesRegexp(BllAuthenticationFailedException, 'access to the admin project'): auth_token.login(self.user.name, password)
def test_login_fails_domain_admin(self): # Domain admin, but lacking access to admin project (self.user, password) = create_user({'demo': 'admin'}, {'Default': 'admin'}) with self.assertRaisesRegexp(BllAuthenticationFailedException, 'access to the admin project'): auth_token.login(self.user.name, password)
def test_login_fails_domain_member(self): # Admin role on admin project, domain member, but missing the domain # admin (self.user, password) = create_user({'admin': 'admin'}, {'Default': '_member_'}) with self.assertRaisesRegexp(BllAuthenticationFailedException, 'not an admin of the default domain'): auth_token.login(self.user.name, password)
def test_login_fails_multiple_admin_projects(self): # Admin role on both projects, but missing the domain admin (self.user, password) = create_user({ 'admin': 'admin', 'demo': 'admin' }) with self.assertRaisesRegexp(BllAuthenticationFailedException, 'not authorized on the .* domain'): auth_token.login(self.user.name, password)
def login(self): (self.user, password) = create_user({'admin': 'admin'}, {'Default': 'admin'}) auth_ref = auth_token.login(self.user.name, password) self.assertIsNotNone(auth_ref) self.assertIsNotNone(auth_ref.auth_token) self.assertTrue(auth_token.validate(auth_ref.auth_token)) return auth_ref
def test_monasca_user_role(self): # Test that a user with monasca-user role can retrieve monasca data (self.user, password) = create_user({ 'admin': 'monasca-user', 'demo': 'admin' }, {'Default': 'admin'}) data = self.monitor('notification_list') self.assertGreater(len(data), 0)
def test_find_by_id(): db = DB() user = create_user() blog = create_blog(user=user) found_blog = BlogLoader.find_by_id(db, blog.id) assert found_blog.id == blog.id assert BlogLoader.find_by_id(db, -1) is None
def test_find_by_name(): db = DB() user = create_user() found_user = UserLoader.find_by_name(db, user.name) assert isinstance(found_user, User) assert found_user.name == user.name not_found_user = UserLoader.find_by_name(db, random_string(10)) assert not_found_user is None
def test_login_other_admin(self): # Domain admin, and demo project admin, and monasca-user role # on admin project. This should succeed (self.user, password) = create_user({ 'admin': 'monasca-user', 'demo': 'admin' }, {'Default': 'admin'}) auth_ref = auth_token.login(self.user.name, password) token = auth_ref.auth_token ref = auth_token.get_appropriate_auth_ref(token) self.assertIsNotNone(ref) self.assertIsNotNone(ref.auth_token) self.assertEqual('demo', ref.project_name)
def test_create(): db = DB() user = create_user() title = random_string(10) blog_id = BlogAction.create( db, owner_id=user.id, title=title, ) found_blog = BlogLoader.find_by_id(db, blog_id) assert found_blog.id == blog_id assert found_blog.owner_id == user.id assert found_blog.title == title
def test_patch_account_without_request_content_type_returning_400_status_code(client, session): """ GIVEN a Flask application WHEN the '/account' URL is requested (PATH) without the request content type THEN check the response HTTP 400 response """ user = create_user(session) tokens = create_tokens(user.username) endpoint = '/account' response = client.patch(endpoint, headers={'Authorization': 'Bearer ' + tokens['access']['enconded']}) assert response.status_code == 400 assert response.json['status'] == 'fail' assert response.json['message'] == 'bad request'
def test_auth_register_with_an_existent_username_returning_400_status_code( client, session): """ GIVEN a Flask application WHEN the '/auth/register' URL is requested (POST) with an existent username THEN check the response HTTP 400 response """ user = create_user(session) data = {'username': user.username, 'password': "******"} response = client.post('/auth/register', data=json.dumps(data), content_type='application/json') assert response.status_code == 400 assert response.json['status'] == 'fail' assert {'username': '******'} in response.json['data']
def test_patch_account_with_password_length_smaller_than_3_character_returning_400_status_code(client, session): """ GIVEN a Flask application WHEN the '/account' URL is requested (PATCH) with invalid password value THEN check the response HTTP 400 response """ user = create_user(session) tokens = create_tokens(user.username) endpoint = '/account' data = {'password': "******"} response = client.patch(endpoint, data=json.dumps(data), content_type='application/json', headers={'Authorization': 'Bearer ' + tokens['access']['enconded']}) assert response.status_code == 400 assert response.json['status'] == 'fail' assert {"password": "******"} in response.json['data']
def test_update_account_with_empty_data_returning_400_status_code( client, session): """ GIVEN a Flask application WHEN the '/account' URL is requested (PUT) with empty data THEN check the response HTTP 400 response """ user = create_user(session) tokens = create_tokens(user.username) endpoint = '/account' data = {} response = client.put( endpoint, data=json.dumps(data), content_type='application/json', headers={'Authorization': 'Bearer ' + tokens['access']['enconded']}) assert response.status_code == 400 assert response.json['status'] == 'fail' assert {'password': '******'} in response.json['data']
def test_patch_account_with_data_well_formatted_returning_200_status_code(client, session, auth): """ GIVEN a Flask application WHEN the '/account' URL is requested (PATCH) THEN check the response is valid """ user = create_user(session) tokens = create_tokens(user.username) endpoint = '/account' data = {'password': "******"} response = client.patch(endpoint, data=json.dumps(data), content_type='application/json', headers={'Authorization': 'Bearer ' + tokens['access']['enconded']}) assert response.status_code == 200 assert response.json['status'] == 'success' assert int(response.json['data']['id']) == user.id
def test_patch_account_with_an_user_already_excluded_returning_404_status_code(client, session): """ GIVEN a Flask application WHEN the '/account' URL is requested (PATCH) with inexistent user THEN check the response HTTP 404 response """ user = create_user(session) tokens = create_tokens(user.username) # delete the user session.delete(user) session.commit() # request response = client.patch('/account', content_type='application/json', headers={'Authorization': 'Bearer ' + tokens['access']['enconded']}) # asserts assert response.status_code == 404 assert response.json['status'] == 'error' assert response.json['message'] == 'not Found'
def test_delete_with_all_data_passed_returning_200_status_code( client, session): """ GIVEN a Flask application WHEN the '/account' URL is requested (DELETE) THEN check the response is valid """ user = create_user(session) tokens = create_tokens(user.username) endpoint = '/account' # assert user was deleted response = client.delete( endpoint, headers={'Authorization': 'Bearer ' + tokens['access']['enconded']}) assert response.status_code == 201 from app.model import Token tokens = session.query(Token).filter_by(user_identity=user.username, revoked=False).all() assert len(tokens) == 0
def test_delete_with_inexistent_user_id_returning_404_status_code( client, session): """ GIVEN a Flask application WHEN the '/account' URL is requested (DELETE) with inexistent user THEN check the response HTTP 404 response """ user = create_user(session) tokens = create_tokens(user.username) # delete the user session.delete(user) session.commit() # request endpoint = '/account' response = client.delete( endpoint, headers={'Authorization': 'Bearer ' + tokens['access']['enconded']}) assert response.status_code == 404 assert response.json['status'] == 'error' assert response.json['message'] == 'not Found'
def test_auth_list_tokens_of_logged_user_returning_200_status_code( client, session): """ GIVEN a Flask application WHEN the '/auth/token' URL is requested (GET) THEN check the response is valid and for the tokens created """ user = create_user(session) tokens = create_tokens(user.username) # request response = client.get( '/auth/token', content_type='application/json', headers={'Authorization': 'Bearer ' + tokens['access']['enconded']}) # asserts assert response.status_code == 200 assert response.json['status'] == 'success' data = response.json['data'] assert len(data) == 2 assert data[0]['token_type'] == 'access' assert data[0]['jti'] == tokens['access']['decoded']['jti'] assert data[1]['token_type'] == 'refresh' assert data[1]['jti'] == tokens['refresh']['decoded']['jti']
def test_login_fails_without_project_or_domain(self): (self.user, password) = create_user() with self.assertRaisesRegexp(BllAuthenticationFailedException, 'access to the admin project'): auth_token.login(self.user.name, password)