def test_SQLinjection(): #Can we trust the session to check? POST('/classes?className=test_class') POST('/groups?name=test_group&className=test_class&channel=test_channel') maliciousQuery = "test_group; DELETE FROM GROUPS WHERE name=test_group;" response = GET('/group/health/' + maliciousQuery) response = GET('/groups') assert len(response.json()) == 1
def test_get_good_UID_in_group(): POST('/classes?className=test_class') POST('/groups?name=test_group&className=test_class&channel=test_channel') POST( '/students?firstName=test_first_name&lastName=test_last_name&directoryId=test_directoryId&uid=0' ) POST('/student/uid/0/group/test_group') response = GET('/student/uid/0') assert response.status_code == 200
def test_post_deleted_student(): POST('/classes?className=test_class') POST('/groups?name=test_group&className=test_class&channel=test_channel') POST( '/students?firstName=test_firstName&lastName=test_lastName&directoryId=test_directory_id&uid=0' ) DELETE('/student/directoryId/test_directory_id') response = POST('/group/test_group/student/directoryId/test_directory_id') assert response.status_code == 404
def test_put_bad_table(): POST('/classes?className=test_class') POST( '/students?firstName=test_firstName&lastName=test_lastName&directoryId=test_directory_id&uid=0' ) POST('/groups?name=test_group&className=test_class&channel=test_channel') POST('/student/uid/0/group/test_group') response = PUT( '/not_a_table/student/directoryId/test_directory_id/class/test_class') assert response.status_code == 404
def test_student_in_one_group(): POST('/students?firstName=testFirst&lastName=testLast&directoryId=testId&uid=0') POST('/classes?className=testClass') POST('/groups?name=testGroup&className=testClass&channel=testChannel') POST('/student/uid/0/group/testGroup') resp = GET('/groups/student/directoryId/testId') assert resp.status_code == 200 assert resp.json()[0]['name'] == 'testGroup' assert len(resp.json()) == 1
def test_get_empty(): POST('/classes?className=test_class') POST( '/students?firstName=test_firstName&lastName=test_lastName&directoryId=test_directory_id&uid=0' ) POST('/groups?name=test_group&className=test_class&channel=test_channel') POST('/student/uid/0/group/test_group') response = GET( '/elmsData/student/directoryId/test_directory_id/class/test_class') assert response.status_code == 200 assert response.json() is not None and response.json()['result'] == ""
def test_duplicate_name(): POST('/students?firstName=testFirst&lastName=testLast&directoryId=testId&uid=0') resp = POST('/students?firstName=testFirst&lastName=testLast&directoryId=testId1&uid=1') assert resp.status_code == 200 students = GET('/students').json() assert len(students) == 2 assert students[0]['firstName'] == students[1]['firstName'] assert students[0]['lastName'] == students[1]['lastName'] DELETE('/student/uid/0') DELETE('/student/uid/1')
def test_put_invalid_health_arg(): DELETE('/clear') POST('/classes?className=testClass') POST('/groups?name=testGroup&className=testClass&channel=testChannel') resp = PUT('/group/health/testGroup?groupHealth=0') assert resp.status_code == 400 resp = PUT('/group/health/testGroup?groupHealth=4') assert resp.status_code == 400 resp = PUT('/group/health/testGroup?groupHealth=-10') assert resp.status_code == 400
def test_post_basic(): DELETE('/clear') POST('/students?firstName=test_first_name&lastName=test_name&directoryId=test_directoryId&uid=0') DELETE('/student/directoryId/test_directoryId') response = GET('/student/directoryId/test_directoryId') assert response.status_code == 404 response = POST('/student/directoryId/test_directoryId?uid=0') assert response.status_code == 200 response = GET('/student/directoryId/test_directoryId') assert response.status_code == 200
def test_simple_post_delete(): response = POST('/students?firstName=testFirst&lastName=testLast&directoryId=testId&uid=0') assert response.status_code == 200 students = response.json() assert students['firstName'] == 'testFirst' assert students['lastName'] == 'testLast' assert students['directoryId'] == 'testId' assert students['uid'] == 0 DELETE('/student/uid/0') test_get_empty()
def test_put_get_basic(): # POST('/classes?className=test_class') # POST('/students?firstName=test_firstName&lastName=test_lastName&directoryId=test_directory_id&uid=0') # POST('/groups?name=test_group&className=test_class&channel=test_channel') # POST('/student/uid/0/group/test_group') response = POST('/elmsData/student/uid/0/class/test_class?filePath=Users/stschoberg/Desktop/435/questmetrics/QUESTmetrics/tests/files/elms_data.csv') assert response.status_code == 204 response = GET('/elmsData/student/uid/0/class/test_class') assert response.status_code == 200 assert response.json() is not None assert response.json()['result'] == true_file
def test_data_propagate(): POST('/classes?className=test_class') POST('/groups?name=test_group&className=test_class&channel=test_channel') POST('/students?firstName=test_firstName&lastName=test_lastName&directoryId=test_directory_id&uid=0') POST('/student/directoryId/test_directory_id/group/test_group') #ELMS Data was inserted assert GET('/elmsData/student/uid/0/class/test_class').status_code == 200 DELETE('/student/directoryId/test_directory_id') #ELMS Data was deleted assert GET('/elmsData/student/uid/0/class/test_class').status_code == 404
def test_post_delete_basic(): POST('/classes?className=test_class') POST('/groups?name=test_group&className=test_class&channel=test_channel') response = GET('/groups') assert response.status_code == 200 groups = response.json() assert groups[0]["name"] == "test_group" assert len(groups) == 1 response = DELETE('/groups?name=test_group') assert response.status_code == 204 response = GET('/groups') assert len(response.json()) == 0
def test_get_good_directoryId(): DELETE('/clear') POST('/students?firstName=test_firstName&lastName=test_lastName&directoryId=test_directory_id&uid=0') response = GET('/student/directoryId/test_directory_id') print(response.text) assert response.status_code == 200
def test_post_missing_args(): response = POST('/groups') assert response.status_code == 400 res = GET('/groups') assert res.status_code == 200 assert res.json() == []
def test_get_bad_UID_letters(): POST( '/students?firstName=test_first_name&lastName=test_last_name&directoryId=test_directoryId&uid=0' ) response = GET('/student/uid/a') assert response.status_code == 400
def test_get_after_delete(): DELETE('/clear') POST('/students?firstName=test_firstName&lastName=test_lastName&directoryId=test_directory_id&uid=0') DELETE('/student/uid/0') response = GET('/student/directoryId/test_directory_id') assert response.status_code == 404
def test_delete_bad_UID(): POST( '/students?firstName=test_first_name&lastName=test_last_name&directoryId=test_directoryId&uid=0' ) response = DELETE('/student/uid/1') assert response.status_code == 404
def test_get_good_UID(): POST( '/students?firstName=test_first_name&lastName=test_last_name&directoryId=test_directoryId&uid=0' ) response = GET('/student/uid/0') assert response.status_code == 200
def test_single_add(): POST('/classes?className=testClass') POST('/groups?name=testGroup&className=testClass&channel=testChannel') POST( '/students?firstName=testFirst&lastName=testLast&directoryId=testId&uid=0' ) POST('/student/directoryId/testId/group/testGroup') resp = GET('/students/group/testGroup') assert resp.status_code == 200 students = resp.json() assert len(students) == 1 assert students[0]['firstName'] == 'testFirst' assert students[0]['lastName'] == 'testLast' assert students[0]['directoryId'] == 'testId' assert students[0]['uid'] == 0
def test_missing_uid_args(): resp = POST('/students?firstName=testFirst&lastName=testLast&directoryId=testId') assert resp.status_code == 200 students = GET('/students').json() assert len(students) == 1 assert students[0]['uid'] == None DELETE('/student/directoryId=testId')
def test_post_duplicate(): POST('/classes?className=test_class') POST('/groups?name=test_group&className=test_class&channel=test_channel') POST( '/students?firstName=test_firstName&lastName=test_lastName&directoryId=test_directory_id&uid=0' ) response = POST('/student/directoryId/test_directory_id/group/test_group') assert response.status_code == 200 response = POST('/student/directoryId/test_directory_id/group/test_group') assert response.status_code == 400 response = GET('/students/group/test_group') assert len(response.json()) == 1
def test_double_delete_directoryId(): DELETE('/clear') POST('/students?firstName=test_first_name&lastName=test_last_name&directoryId=test_directoryId&uid=0') response = DELETE('/student/directoryId/test_directoryId') assert response.status_code == 204 response = GET('/student/directoryId/test_directoryId') assert response.status_code == 404 response = DELETE('/student/directoryId/test_directoryId') assert response.status_code == 404
def test_post_delete(): #NOTE: the format to make a query and how I call the item test_class. Every test class added and removed should be called that. POST('/classes?className=test_class') response = GET('/classes') assert response.status_code == 200 classList = response.json() assert classList[0]["className"] == "test_class" DELETE('/classes?className=test_class') response = GET('/classes') assert response.json() == []
def test_put_bad_file(): POST('/classes?className=test_class') POST('/students?firstName=test_firstName&lastName=test_lastName&directoryId=test_directory_id&uid=0') POST('/groups?name=test_group&className=test_class&channel=test_channel') POST('/student/uid/0/group/test_group') #No file response = PUT('/elmsData/student/uid/0/class/test_class') assert response.status_code == 400 response = GET('/elmsData/student/uid/0/class/test_class') assert response.status_code == 200 assert response.json() is not None and response.json()['result'] == "" #Misnamed file response = response = PUT('/elmsData/student/uid/0/class/test_class', file='files/messages.csv', attachment_name='bad_name') assert response.status_code == 400 response = GET('/elmsData/student/uid/0/class/test_class') assert response.status_code == 200 assert response.json() is not None and response.json()['result'] == ""
def test_put_bad_file(): #Create class POST('/classes?className=test_class') #Create group in this class POST('/groups?name=test_group&className=test_class&channel=test_channel') #No file response = PUT('/slackData/group/test_group') assert response.status_code == 400 response = GET('/slackData/group/test_group') assert response.status_code == 200 assert response.json() is not None and response.json()['result'] == "" #Misnamed file response = response = PUT('/slackData/group/test_group', file='files/messages.csv', attachment_name='bad_name') assert response.status_code == 400 response = GET('/slackData/group/test_group') assert response.status_code == 200 assert response.json() is not None and response.json()['result'] == ""
def test_put_get_basic(): POST('/classes?className=test_class') POST( '/students?firstName=test_firstName&lastName=test_lastName&directoryId=test_directory_id&uid=0' ) POST('/groups?name=test_group&className=test_class&channel=test_channel') POST('/student/uid/0/group/test_group') p = 'files/messages.csv' response = PUT( '/elmsData/student/directoryId/test_directory_id/class/test_class', file=p, attachment_name='file') assert response.status_code == 204 response = GET( '/elmsData/student/directoryId/test_directory_id/class/test_class') assert response.status_code == 200 true_file = open(p, 'rb').read().decode('utf-8') assert response.json() is not None assert response.json()['result'] == true_file
def test_post_duplicate(): POST('/classes?className=test_class') POST('/groups?name=test_group&className=test_class&channel=test_channel') response = POST('/groups?name=test_group&className=test_class&channel=test_channel') assert response.status_code == 400 response = GET('/groups') groupList = response.json() assert len(groupList) == 1
def test_many_post(): for i in range(5): response = POST('/students?firstName=testFirst{}&lastName=testLast{}&directoryId=testId{}&uid={}'.format(i, i, i, i)) assert response.status_code == 200 students = GET('/students').json() assert len(students) == 5 for i in range(5): assert students[i]['firstName'] == 'testFirst' + str(i) assert students[i]['lastName'] == 'testLast' + str(i) assert students[i]['directoryId'] == 'testId' + str(i) assert students[i]['uid'] == i resp = DELETE('/student/uid/{}'.format(i))
def test_post_delete_basic(): DELETE('/clear') POST('/classes?className=test_class') POST('/groups?name=test_group&className=test_class&channel=test_channel') POST( '/students?firstName=test_firstName&lastName=test_lastName&directoryId=test_directory_id&uid=0' ) response = POST('/student/uid/0/group/test_group') assert response.status_code == 200 group = response.json() response = GET('/students/group/test_group') assert response.status_code == 200 response = DELETE('/student/uid/0/group/test_group') assert response.status_code == 204