Example #1
0
    def test_logout(self):
        self.app = FakeApp(application)
        response = self.app.post_json('/api/_login', self.user_data)
        self.assertEqual(200, response.status_int)

        response = self.app.get('/api/resource/')
        self.assertEqual(200, response.status_int)

        response = self.app.get('/api/_logout')
        self.assertEqual(200, response.status_int)

        self.app = FakeApp(application)
        response = self.app.get('/api/resource/', expect_errors=True)
        self.assertEqual(401, response.status_int)
Example #2
0
def test_middleware_accepts_json(dbsession, account):
    app = FakeApp(server.make_app())
    params = {
        'account_id': account.id,
        'amount': 400,
        'user_id': 1001,
        'nonce': 'fake-valid-nonce'
    }
    resp = app.post_json('/', params, expect_errors=True)
    assert resp.status_code == 201
Example #3
0
    def test_logged_user(self):
        self.app = FakeApp(application)
        response = self.app.post_json('/api/_login', self.user_data)
        self.assertEqual(200, response.status_int)

        response = self.app.post_json('/api/_ping', self.user_data)
        self.assertEqual(200, response.status_int)

        time.sleep(6)
        response = self.app.post_json('/api/_ping',
                                      self.user_data,
                                      expect_errors=True)
        self.assertEqual(401, response.status_int)
Example #4
0
    def test_login(self):
        self.app = FakeApp(application)
        response = self.app.post_json('/api/_login', self.user_data)
        self.assertEqual(200, response.status_int)

        self.app = FakeApp(application)
        response = self.app.post_json('/api/_login', {
            "username": "******",
            "password": '******'
        },
                                      expect_errors=True)
        self.assertEqual(403, response.status_int)

        self.app = FakeApp(application)
        response = self.app.get('/api/resource/', expect_errors=True)
        self.assertEqual(401, response.status_int)

        self.app = FakeApp(application)
        response = self.app.post_json('/api/_login', self.user_data)
        self.assertEqual(200, response.status_int)

        response = self.app.get('/api/resource/')
        self.assertEqual(200, response.status_int)
Example #5
0
    def test_actions_under_authentication(self):
        response = self.app.get('/api/user/under_authentication',
                                expect_errors=True)
        self.assertEqual(403, response.status_int)

        self.app = FakeApp(application)
        response = self.app.post_json('/api/_login', {
            "username": "******",
            "password": '******'
        })
        self.assertEqual(200, response.status_int)

        response = self.app.get('/api/user/under_authentication',
                                expect_errors=True)
        self.assertEqual(200, response.status_int)
Example #6
0
 def test_action_without_model(self):
     self.app = FakeApp(application)
     response = self.app.post('/api/any/123/activate', expect_errors=True)
     self.assertEqual(404, response.status_int)
Example #7
0
    def test_shields(self):
        @register
        class MyAuth(Authentication):

            expiration_time = 5

            @classmethod
            def salt_key(cls):
                return 'ray_salt_key'

            @classmethod
            def authenticate(cls, login_data):
                if login_data['password'] == '123':
                    return {'username': '******'}

        @endpoint('/person', authentication=MyAuth)
        class PersonModel(ModelInterface):
            def __init__(self, *a, **k):
                self.login = None
                super(PersonModel, self).__init__(*a, **k)

            @classmethod
            def columns(cls):
                return ['id']

        class PersonShield(Shield):
            __model__ = PersonModel

            def get(self, user_data, person_id, parameters):
                return user_data['username'] == 'felipe'

            def put(self, user_data, person_id, parameters):
                assert person_id == '1'
                assert parameters == {'any': '*****@*****.**'}

                return True

        global global_person_id

        response = self.app.post_json('/api/_login', {
            "username": "******",
            'password': '******'
        })
        self.assertEqual(200, response.status_int)

        response = self.app.get('/api/person/')
        self.assertEqual(200, response.status_int)

        self.app = FakeApp(application)
        response = self.app.post_json('/api/_login', {
            "username": "******",
            'password': '******'
        })
        self.assertEqual(200, response.status_int)

        global global_parameters
        self.app.put_json('/api/person/1/', {'any': '*****@*****.**'})
        self.assertEqual(200, response.status_int)

        self.app = FakeApp(application)
        response = self.app.get('/api/person', expect_errors=True)
        self.assertEquals(401, response.status_int)

        self.app = FakeApp(application)
        response = self.app.post('/api/person/', expect_errors=True)
        self.assertIsNot(401, response.status_int)

        self.app = FakeApp(application)
        response = self.app.put('/api/person/', expect_errors=True)
        self.assertIsNot(404, response.status_int)

        self.app = FakeApp(application)
        response = self.app.delete('/api/person/', expect_errors=True)
        self.assertIsNot(404, response.status_int)
Example #8
0
def test_responds_400_with_empty_body():
    app = FakeApp(server.make_app())
    resp = app.post('/', expect_errors=True, content_type='application/json')
    assert resp.status_code == 400
Example #9
0
def test_middleware_rejects_non_json():
    app = FakeApp(server.make_app())
    resp = app.post('/', expect_errors=True)
    assert resp.status_code == 415
Example #10
0
 def setUp(self):
     self.app = FakeApp(application)