Exemple #1
0
def test_org_users(db, account_objects, data_account_api_org_users):

    slug = account_objects.org.slug

    response = account_objects.api_client.get(
        reverse("account_api:org-users", args=(slug, )))

    assert response.status_code == int(data_account_api_org_users.status)
    assert strip_api_fields(response.json()) == strip_api_fields(
        data_account_api_org_users.expected)

    # test user not part of org

    response = account_objects.api_client_anon.get(
        reverse("account_api:org-users",
                args=(account_objects.other_org.slug, )))

    assert response.status_code == 403

    # test unauthenticated user

    response = account_objects.api_client_anon.get(
        reverse("account_api:org-users", args=(slug, )))

    assert response.status_code == 403
Exemple #2
0
def test_org_userdel(db, account_objects, data_account_api_org_userdel):

    slug = account_objects.org.slug

    response = account_objects.api_client.delete(
        reverse("account_api:org-user", args=(slug, )),
        data=json.loads(data_account_api_org_userdel.input),
    )

    assert response.status_code == int(data_account_api_org_userdel.status)
    assert strip_api_fields(response.json()) == strip_api_fields(
        data_account_api_org_userdel.expected)

    if data_account_api_org_userdel.name == "test0":
        assert account_objects.org.orguser_set.count() == 1

    # test user not part of org

    response = account_objects.api_client_anon.delete(
        reverse("account_api:org-user",
                args=(account_objects.other_org.slug, )),
        data=json.loads(data_account_api_org_userdel.input),
    )

    assert response.status_code == 403

    # test unauthenticated user

    response = account_objects.api_client_anon.delete(
        reverse("account_api:org-user", args=(slug, )),
        data=json.loads(data_account_api_org_userdel.input),
    )

    assert response.status_code == 403
Exemple #3
0
def test_org_update(db, account_objects, data_account_api_org_update):

    if data_account_api_org_update.name == "test_error_permissions":
        slug = account_objects.other_org.slug
    else:
        slug = account_objects.org.slug

    response = account_objects.api_client.put(
        reverse("account_api:org-detail", args=(slug, )),
        data=json.loads(data_account_api_org_update.input),
    )

    assert response.status_code == int(data_account_api_org_update.status)
    if data_account_api_org_update.name != "test_error_permissions":
        assert strip_api_fields(response.json()) == strip_api_fields(
            data_account_api_org_update.expected)

    # test unauthenticated user

    response = account_objects.api_client_anon.post(
        reverse("account_api:org-list"),
        data=json.loads(data_account_api_org_update.input),
    )

    assert response.status_code == 403
Exemple #4
0
def test_org_list(db, account_objects, data_account_api_org_list):

    response = account_objects.api_client.get(reverse("account_api:org-list"))

    assert response.status_code == int(data_account_api_org_list.status)
    assert strip_api_fields(response.json()) == strip_api_fields(
        data_account_api_org_list.expected)

    # test unauthenticated user

    response = account_objects.api_client_anon.get(
        reverse("account_api:org-list"))

    assert response.status_code == 403
Exemple #5
0
def test_org_details(db, account_objects, data_account_api_org_details):

    response = account_objects.api_client.get(
        reverse("account_api:org-detail", args=(account_objects.org.slug, )))

    assert response.status_code == int(data_account_api_org_details.status)
    assert strip_api_fields(response.json()) == strip_api_fields(
        data_account_api_org_details.expected)

    # test unauthenticated user

    response = account_objects.api_client_anon.get(
        reverse("account_api:org-detail", args=(account_objects.org.slug, )))

    assert response.status_code == 403
Exemple #6
0
def test_get_payment_methods(billing_objects, data_billing_api_billcon):
    response = billing_objects.api_client.get(
        reverse("billing_api:org-payment-methods",
                args=[billing_objects.org.slug]))
    assert response.status_code == 400
    assert "billcon" in response.json()["errors"]

    # Cannot access without billcon
    response = billing_objects.api_client.get(
        reverse("billing_api:org-payment-methods",
                args=[billing_objects.org.slug]) +
        f"?billcon={billing_objects.billing_contact.id}")
    print(response.content)

    assert strip_api_fields(response.json()) == strip_api_fields(
        data_billing_api_billcon.expected)
Exemple #7
0
def test_org_create(db, account_objects, data_account_api_org_create):

    response = account_objects.api_client.post(
        reverse("account_api:org-list"),
        data=json.loads(data_account_api_org_create.input),
    )

    assert response.status_code == int(data_account_api_org_create.status)
    assert strip_api_fields(response.json()) == strip_api_fields(
        data_account_api_org_create.expected)

    # test unauthenticated user

    response = account_objects.api_client_anon.post(
        reverse("account_api:org-list"),
        data=json.loads(data_account_api_org_create.input),
    )

    assert response.status_code == 403
Exemple #8
0
def test_org_invite(db, account_objects, data_account_api_org_invite):

    input = json.loads(data_account_api_org_invite.input)
    expected = data_account_api_org_invite.expected
    slug = input.get("slug", account_objects.org.slug)

    response = getattr(account_objects,
                       input["client"]).post(reverse("account_api:org-invite",
                                                     args=(slug, )),
                                             data=input["data"])

    assert_expected(response, strip_api_fields(expected))
Exemple #9
0
def test_api_key_auth_header(db, account_objects, data_account_api_user_list):
    """
    tests api key authentication using the `Authorization` HTTP header
    """

    response = account_objects.api_client_anon.get(
        reverse("account_api:user-list"))

    assert response.status_code == 403

    response = account_objects.api_client_anon.get(
        reverse("account_api:user-list"),
        HTTP_AUTHORIZATION=f"Bearer {account_objects.api_key.key}",
    )

    assert response.status_code == 200
    assert strip_api_fields(
        response.json()) == data_account_api_user_list.expected
Exemple #10
0
def test_api_key_auth_urlparam(db, account_objects,
                               data_account_api_user_list):
    """
    tests api key authentication using the `key` url paramater
    """

    response = account_objects.api_client_anon.get(
        reverse("account_api:user-list"))

    assert response.status_code == 403

    response = account_objects.api_client_anon.get(
        reverse("account_api:user-list") +
        f"?key={account_objects.api_key.key}")

    assert response.status_code == 200
    assert strip_api_fields(
        response.json()) == data_account_api_user_list.expected
Exemple #11
0
def test_user_put(db, account_objects, data_account_api_user_put):

    response = account_objects.api_client.put(
        reverse("account_api:user-list"),
        data=json.loads(data_account_api_user_put.input),
    )

    assert response.status_code == int(data_account_api_user_put.status)
    assert strip_api_fields(
        response.json()) == data_account_api_user_put.expected

    # test unauthenticated user

    response = account_objects.api_client_anon.put(
        reverse("account_api:user-list"),
        data=json.loads(data_account_api_user_put.input),
    )

    assert response.status_code == 403
Exemple #12
0
def test_user_set_password(db, account_objects,
                           data_account_api_user_setpassword):

    response = account_objects.api_client.put(
        reverse("account_api:user-set-password"),
        data=json.loads(data_account_api_user_setpassword.input),
    )

    assert response.status_code == int(
        data_account_api_user_setpassword.status)
    assert (strip_api_fields(
        response.json()) == data_account_api_user_setpassword.expected)

    # test unauthenticated user

    response = account_objects.api_client_anon.put(
        reverse("account_api:user-set-password"),
        data=json.loads(data_account_api_user_setpassword.input),
    )

    assert response.status_code == 403
Exemple #13
0
def test_get_products(billing_objects, data_billing_api_prod):
    response = billing_objects.api_client.get(reverse("billing_api:prod-list"))
    assert response.status_code == 200
    assert strip_api_fields(response.json()) == strip_api_fields(
        data_billing_api_prod.expected)
Exemple #14
0
def test_get_services(billing_objects, data_billing_api_subscriptions):
    response = billing_objects.api_client.get(
        reverse("billing_api:org-services", args=[billing_objects.org.slug]))
    assert strip_api_fields(response.json()) == strip_api_fields(
        data_billing_api_subscriptions.expected)