def test_should_persist_notification(client, sample_template, sample_email_template, fake_uuid, mocker, template_type, queue_name): mocked = mocker.patch( 'app.celery.provider_tasks.deliver_{}.apply_async'.format( template_type)) mocker.patch('app.notifications.process_notifications.uuid.uuid4', return_value=fake_uuid) template = sample_template if template_type == SMS_TYPE else sample_email_template to = sample_template.service.created_by.mobile_number if template_type == SMS_TYPE \ else sample_email_template.service.created_by.email_address data = {'to': to, 'template': template.id} api_key = ApiKey(service=template.service, name='team_key', created_by=template.created_by, key_type=KEY_TYPE_TEAM) save_model_api_key(api_key) auth_header = create_jwt_token(secret=api_key.secret, client_id=str(api_key.service_id)) response = client.post(path='/notifications/{}'.format(template_type), data=json.dumps(data), headers=[('Content-Type', 'application/json'), ('Authorization', 'Bearer {}'.format(auth_header))]) mocked.assert_called_once_with([fake_uuid], queue=queue_name) assert response.status_code == 201 notification = notifications_dao.get_notification_by_id(fake_uuid) assert notification.to == to assert notification.template_id == template.id assert notification.notification_type == template_type
def test_should_delete_notification_and_return_error_if_sqs_fails( client, sample_email_template, sample_template, fake_uuid, mocker, template_type, queue_name): mocked = mocker.patch( 'app.celery.provider_tasks.deliver_{}.apply_async'.format( template_type), side_effect=Exception("failed to talk to SQS")) mocker.patch('app.notifications.process_notifications.uuid.uuid4', return_value=fake_uuid) template = sample_template if template_type == SMS_TYPE else sample_email_template to = sample_template.service.created_by.mobile_number if template_type == SMS_TYPE \ else sample_email_template.service.created_by.email_address data = {'to': to, 'template': template.id} api_key = ApiKey(service=template.service, name='team_key', created_by=template.created_by, key_type=KEY_TYPE_TEAM) save_model_api_key(api_key) auth_header = create_jwt_token(secret=api_key.secret, client_id=str(api_key.service_id)) with pytest.raises(Exception) as e: client.post(path='/notifications/{}'.format(template_type), data=json.dumps(data), headers=[('Content-Type', 'application/json'), ('Authorization', 'Bearer {}'.format(auth_header)) ]) assert str(e.value) == 'failed to talk to SQS' mocked.assert_called_once_with([fake_uuid], queue=queue_name) assert not notifications_dao.get_notification_by_id(fake_uuid) assert not NotificationHistory.query.get(fake_uuid)
def test_should_send_email_to_anyone_with_test_key(client, sample_email_template, mocker, restricted, limit, fake_uuid): mocker.patch('app.celery.provider_tasks.deliver_email.apply_async') mocker.patch('app.notifications.process_notifications.uuid.uuid4', return_value=fake_uuid) data = { 'to': '*****@*****.**', 'template': sample_email_template.id } sample_email_template.service.restricted = restricted sample_email_template.service.message_limit = limit api_key = ApiKey(service=sample_email_template.service, name='test_key', created_by=sample_email_template.created_by, key_type=KEY_TYPE_TEST) save_model_api_key(api_key) auth_header = create_jwt_token(secret=api_key.secret, client_id=str(api_key.service_id)) response = client.post(path='/notifications/email', data=json.dumps(data), headers=[('Content-Type', 'application/json'), ('Authorization', 'Bearer {}'.format(auth_header))]) app.celery.provider_tasks.deliver_email.apply_async.assert_called_once_with( [fake_uuid], queue='research-mode-tasks') assert response.status_code == 201
def test_should_send_sms_if_team_api_key_and_a_service_user( client, sample_template, fake_uuid, mocker): mocker.patch('app.celery.provider_tasks.deliver_sms.apply_async') mocker.patch('app.notifications.process_notifications.uuid.uuid4', return_value=fake_uuid) data = { 'to': sample_template.service.created_by.mobile_number, 'template': sample_template.id } api_key = ApiKey(service=sample_template.service, name='team_key', created_by=sample_template.created_by, key_type=KEY_TYPE_TEAM) save_model_api_key(api_key) auth_header = create_jwt_token(secret=api_key.secret, client_id=str(api_key.service_id)) response = client.post(path='/notifications/sms', data=json.dumps(data), headers=[('Content-Type', 'application/json'), ('Authorization', 'Bearer {}'.format(auth_header))]) app.celery.provider_tasks.deliver_sms.apply_async.assert_called_once_with( [fake_uuid], queue='send-sms-tasks') assert response.status_code == 201
def test_save_api_key_should_create_new_api_key(notify_api, notify_db, notify_db_session, sample_service): api_key = ApiKey(**{'service_id': sample_service.id, 'name': sample_service.name}) save_model_api_key(api_key) all_api_keys = get_model_api_keys(service_id=sample_service.id) assert len(all_api_keys) == 1 assert all_api_keys[0] == api_key
def test_delete_service_and_associated_objects(notify_db_session): user = create_user() service = create_service(user=user, service_permissions=None) create_user_code(user=user, code='somecode', code_type='email') create_user_code(user=user, code='somecode', code_type='sms') template = create_template(service=service) api_key = create_api_key(service=service) create_notification(template=template, api_key=api_key) create_invited_user(service=service) assert ServicePermission.query.count() == len(( SMS_TYPE, EMAIL_TYPE, INTERNATIONAL_SMS_TYPE, )) delete_service_and_all_associated_db_objects(service) assert VerifyCode.query.count() == 0 assert ApiKey.query.count() == 0 assert ApiKey.get_history_model().query.count() == 0 assert Template.query.count() == 0 assert TemplateHistory.query.count() == 0 assert Job.query.count() == 0 assert Notification.query.count() == 0 assert Permission.query.count() == 0 assert User.query.count() == 0 assert InvitedUser.query.count() == 0 assert Service.query.count() == 0 assert Service.get_history_model().query.count() == 0 assert ServicePermission.query.count() == 0
def delete_service_and_all_associated_db_objects(service): def _delete_commit(query): query.delete() db.session.commit() _delete_commit(NotificationStatistics.query.filter_by(service=service)) _delete_commit(TemplateStatistics.query.filter_by(service=service)) _delete_commit(ProviderStatistics.query.filter_by(service=service)) _delete_commit(InvitedUser.query.filter_by(service=service)) _delete_commit(Permission.query.filter_by(service=service)) _delete_commit(ApiKey.query.filter_by(service=service)) _delete_commit(ApiKey.get_history_model().query.filter_by(service_id=service.id)) _delete_commit(NotificationHistory.query.filter_by(service=service)) _delete_commit(Notification.query.filter_by(service=service)) _delete_commit(Job.query.filter_by(service=service)) _delete_commit(Template.query.filter_by(service=service)) _delete_commit(TemplateHistory.query.filter_by(service_id=service.id)) verify_codes = VerifyCode.query.join(User).filter(User.id.in_([x.id for x in service.users])) list(map(db.session.delete, verify_codes)) db.session.commit() users = [x for x in service.users] map(service.users.remove, users) [service.users.remove(x) for x in users] _delete_commit(Service.get_history_model().query.filter_by(id=service.id)) db.session.delete(service) db.session.commit() list(map(db.session.delete, users)) db.session.commit()
def test_alias_activities(flask_client): user = User.create(email="[email protected]", password="******", name="Test User", activated=True) Session.commit() # create api_key api_key = ApiKey.create(user.id, "for test") Session.commit() alias = Alias.create_new_random(user) Session.commit() # create some alias log contact = Contact.create( website_email="*****@*****.**", reply_email="[email protected]", alias_id=alias.id, user_id=alias.user_id, ) Session.commit() for _ in range(int(PAGE_LIMIT / 2)): EmailLog.create( contact_id=contact.id, is_reply=True, user_id=contact.user_id, alias_id=contact.alias_id, ) for _ in range(int(PAGE_LIMIT / 2) + 2): EmailLog.create( contact_id=contact.id, blocked=True, user_id=contact.user_id, alias_id=contact.alias_id, ) r = flask_client.get( url_for("api.get_alias_activities", alias_id=alias.id, page_id=0), headers={"Authentication": api_key.code}, ) assert r.status_code == 200 assert len(r.json["activities"]) == PAGE_LIMIT for ac in r.json["activities"]: assert ac["from"] assert ac["to"] assert ac["timestamp"] assert ac["action"] assert ac["reverse_alias"] assert ac["reverse_alias_address"] # second page, should return 1 or 2 results only r = flask_client.get( url_for("api.get_alias_activities", alias_id=alias.id, page_id=1), headers={"Authentication": api_key.code}, ) assert len(r.json["activities"]) < 3
def admin_apikey(): data = admin_apikey_data() api_key = ApiKey(desc=data['description'], role_name=data['role'], domains=[]) headers = create_apikey_headers(api_key.plain_key) return headers
def test_update_alias_mailboxes(flask_client): user = User.create( email="[email protected]", password="******", name="Test User", activated=True ) db.session.commit() mb1 = Mailbox.create(user_id=user.id, email="*****@*****.**", verified=True) mb2 = Mailbox.create(user_id=user.id, email="*****@*****.**", verified=True) # create api_key api_key = ApiKey.create(user.id, "for test") db.session.commit() alias = Alias.create_new_random(user) db.session.commit() r = flask_client.put( url_for("api.update_alias", alias_id=alias.id), headers={"Authentication": api_key.code}, json={"mailbox_ids": [mb1.id, mb2.id]}, ) assert r.status_code == 200 alias = Alias.get(alias.id) assert alias.mailbox assert len(alias._mailboxes) == 1 # fail when update with empty mailboxes r = flask_client.put( url_for("api.update_alias", alias_id=alias.id), headers={"Authentication": api_key.code}, json={"mailbox_ids": []}, ) assert r.status_code == 400
def test_create_contact_route(flask_client): user = User.create(email="[email protected]", password="******", name="Test User", activated=True) db.session.commit() # create api_key api_key = ApiKey.create(user.id, "for test") db.session.commit() gen_email = GenEmail.create_new_random(user) db.session.commit() r = flask_client.post( url_for("api.create_contact_route", alias_id=gen_email.id), headers={"Authentication": api_key.code}, json={"contact": "First Last <*****@*****.**>"}, ) assert r.status_code == 201 assert r.json["contact"] == "First Last <*****@*****.**>" assert "creation_date" in r.json assert "creation_timestamp" in r.json assert r.json["last_email_sent_date"] is None assert r.json["last_email_sent_timestamp"] is None assert r.json["reverse_alias"] # re-add a contact, should return 409 r = flask_client.post( url_for("api.create_contact_route", alias_id=gen_email.id), headers={"Authentication": api_key.code}, json={"contact": "First2 Last2 <*****@*****.**>"}, ) assert r.status_code == 409
def test_delete_service_and_associated_objects( notify_db, notify_db_session, sample_user, sample_service, sample_email_code, sample_sms_code, sample_template, sample_email_template, sample_api_key, sample_job, sample_notification, sample_invited_user, sample_permission, sample_provider_statistics, ): delete_service_and_all_associated_db_objects(sample_service) assert NotificationStatistics.query.count() == 0 assert TemplateStatistics.query.count() == 0 assert ProviderStatistics.query.count() == 0 assert VerifyCode.query.count() == 0 assert ApiKey.query.count() == 0 assert ApiKey.get_history_model().query.count() == 0 assert Template.query.count() == 0 assert TemplateHistory.query.count() == 0 assert Job.query.count() == 0 assert Notification.query.count() == 0 assert Permission.query.count() == 0 assert User.query.count() == 0 assert InvitedUser.query.count() == 0 assert Service.query.count() == 0 assert Service.get_history_model().query.count() == 0
def test_create_custom_alias_without_note(flask_client): user = User.create(email="[email protected]", password="******", name="Test User", activated=True) db.session.commit() # create api_key api_key = ApiKey.create(user.id, "for test") db.session.commit() # create alias without note word = random_word() r = flask_client.post( url_for("api.new_custom_alias", hostname="www.test.com"), headers={"Authentication": api_key.code}, json={ "alias_prefix": "prefix", "alias_suffix": f".{word}@{EMAIL_DOMAIN}" }, ) assert r.status_code == 201 assert r.json["alias"] == f"prefix.{word}@{EMAIL_DOMAIN}" new_ge = Alias.get_by(email=r.json["alias"]) assert new_ge.note is None
def sample_admin_service_id(notify_db, notify_db_session): admin_user = sample_user(notify_db, notify_db_session, email="*****@*****.**") admin_service = sample_service(notify_db, notify_db_session, service_name="Sample Admin Service", user=admin_user) data = {'service': admin_service, 'name': 'sample admin key'} api_key = ApiKey(**data) save_model_api_key(api_key) return admin_service.id
def test_save_api_key_should_create_new_api_key_and_history(sample_service): api_key = ApiKey(**{'service': sample_service, 'name': sample_service.name, 'created_by': sample_service.created_by, 'key_type': KEY_TYPE_NORMAL}) save_model_api_key(api_key) all_api_keys = get_model_api_keys(service_id=sample_service.id) assert len(all_api_keys) == 1 assert all_api_keys[0] == api_key assert api_key.version == 1 all_history = api_key.get_history_model().query.all() assert len(all_history) == 1 assert all_history[0].id == api_key.id assert all_history[0].version == api_key.version
def get_service_history(service_id): from app.models import ApiKey, Service, TemplateHistory from app.schemas import ( api_key_history_schema, service_history_schema, template_history_schema, ) service_history = Service.get_history_model().query.filter_by( id=service_id).all() service_data = service_history_schema.dump(service_history, many=True).data api_key_history = ApiKey.get_history_model().query.filter_by( service_id=service_id).all() api_keys_data = api_key_history_schema.dump(api_key_history, many=True).data template_history = TemplateHistory.query.filter_by( service_id=service_id).all() template_data, errors = template_history_schema.dump(template_history, many=True) data = { "service_history": service_data, "api_key_history": api_keys_data, "template_history": template_data, "events": [], } return jsonify(data=data)
def test_custom_mode(flask_client): user = User.create(email="[email protected]", password="******", name="Test User", activated=True) db.session.commit() # create api_key api_key = ApiKey.create(user.id, "for test") db.session.commit() # without note r = flask_client.post( url_for("api.new_random_alias", hostname="www.test.com", mode="uuid"), headers={"Authentication": api_key.code}, ) assert r.status_code == 201 # extract the uuid part alias = r.json["alias"] uuid_part = alias[:len(alias) - len(EMAIL_DOMAIN) - 1] assert is_valid_uuid(uuid_part) # with note r = flask_client.post( url_for("api.new_random_alias", hostname="www.test.com", mode="uuid"), headers={"Authentication": api_key.code}, json={"note": "test note"}, ) assert r.status_code == 201 alias = r.json["alias"] ge = Alias.get_by(email=alias) assert ge.note == "test note"
def test_out_of_quota(flask_client): user = User.create(email="[email protected]", password="******", name="Test User", activated=True) user.trial_end = None db.session.commit() # create api_key api_key = ApiKey.create(user.id, "for test") db.session.commit() # create MAX_NB_EMAIL_FREE_PLAN random alias to run out of quota for _ in range(MAX_NB_EMAIL_FREE_PLAN): Alias.create_new(user, prefix="test1") r = flask_client.post( url_for("api.new_random_alias", hostname="www.test.com"), headers={"Authentication": api_key.code}, ) assert r.status_code == 400 assert ( r.json["error"] == "You have reached the limitation of a free account with the maximum of 3 aliases, please upgrade your plan to create more aliases" )
def get_service_history(service_id): from app.models import (Service, ApiKey, TemplateHistory) from app.schemas import (service_history_schema, api_key_history_schema, template_history_schema) service_history = Service.get_history_model().query.filter_by( id=service_id).all() service_data = service_history_schema.dump(service_history, many=True).data api_key_history = ApiKey.get_history_model().query.filter_by( service_id=service_id).all() api_keys_data = api_key_history_schema.dump(api_key_history, many=True).data template_history = TemplateHistory.query.filter_by( service_id=service_id).all() template_data, errors = template_history_schema.dump(template_history, many=True) data = { 'service_history': service_data, 'api_key_history': api_keys_data, 'template_history': template_data, 'events': [] } return jsonify(data=data)
def delete_service_and_all_associated_db_objects(service): def _delete_commit(query): query.delete(synchronize_session=False) db.session.commit() subq = db.session.query(Template.id).filter_by(service=service).subquery() _delete_commit(TemplateRedacted.query.filter(TemplateRedacted.template_id.in_(subq))) _delete_commit(ServiceSmsSender.query.filter_by(service=service)) _delete_commit(InvitedUser.query.filter_by(service=service)) _delete_commit(Permission.query.filter_by(service=service)) _delete_commit(NotificationHistory.query.filter_by(service=service)) _delete_commit(Notification.query.filter_by(service=service)) _delete_commit(Job.query.filter_by(service=service)) _delete_commit(Template.query.filter_by(service=service)) _delete_commit(TemplateHistory.query.filter_by(service_id=service.id)) _delete_commit(ServicePermission.query.filter_by(service_id=service.id)) _delete_commit(ApiKey.query.filter_by(service=service)) _delete_commit(ApiKey.get_history_model().query.filter_by(service_id=service.id)) _delete_commit(AnnualBilling.query.filter_by(service_id=service.id)) verify_codes = VerifyCode.query.join(User).filter(User.id.in_([x.id for x in service.users])) list(map(db.session.delete, verify_codes)) db.session.commit() users = [x for x in service.users] map(service.users.remove, users) [service.users.remove(x) for x in users] _delete_commit(Service.get_history_model().query.filter_by(id=service.id)) db.session.delete(service) db.session.commit() list(map(db.session.delete, users)) db.session.commit()
def test_get_alias(flask_client): user = User.create(email="[email protected]", password="******", name="Test User", activated=True) db.session.commit() # create api_key api_key = ApiKey.create(user.id, "for test") db.session.commit() # create more aliases than PAGE_LIMIT alias = Alias.create_new_random(user) db.session.commit() # get aliases on the 1st page, should return PAGE_LIMIT aliases r = flask_client.get( url_for("api.get_alias", alias_id=alias.id), headers={"Authentication": api_key.code}, ) assert r.status_code == 200 # assert returned field res = r.json assert "id" in res assert "email" in res assert "creation_date" in res assert "creation_timestamp" in res assert "nb_forward" in res assert "nb_block" in res assert "nb_reply" in res assert "enabled" in res assert "note" in res assert "pinned" in res
def test_get_aliases_query(flask_client): user = User.create(email="[email protected]", password="******", name="Test User", activated=True) db.session.commit() # create api_key api_key = ApiKey.create(user.id, "for test") db.session.commit() # create more aliases than PAGE_LIMIT Alias.create_new(user, "prefix1") Alias.create_new(user, "prefix2") db.session.commit() # get aliases without query, should return 3 aliases as one alias is created when user is created r = flask_client.get(url_for("api.get_aliases", page_id=0), headers={"Authentication": api_key.code}) assert r.status_code == 200 assert len(r.json["aliases"]) == 3 # get aliases with "prefix1" query, should return 1 alias r = flask_client.get( url_for("api.get_aliases", page_id=0), headers={"Authentication": api_key.code}, json={"query": "prefix1"}, ) assert r.status_code == 200 assert len(r.json["aliases"]) == 1
def test_update_alias_name(flask_client): user = User.create(email="[email protected]", password="******", name="Test User", activated=True) db.session.commit() # create api_key api_key = ApiKey.create(user.id, "for test") db.session.commit() alias = Alias.create_new_random(user) db.session.commit() r = flask_client.put( url_for("api.update_alias", alias_id=alias.id), headers={"Authentication": api_key.code}, json={"name": "Test Name"}, ) assert r.status_code == 200 alias = Alias.get(alias.id) assert alias.name == "Test Name" # update name with linebreak r = flask_client.put( url_for("api.update_alias", alias_id=alias.id), headers={"Authentication": api_key.code}, json={"name": "Test \nName"}, ) assert r.status_code == 200 alias = Alias.get(alias.id) assert alias.name == "Test Name"
def test_cancel_mailbox_email_change(flask_client): user = User.create( email="[email protected]", password="******", name="Test User", activated=True ) db.session.commit() # create api_key api_key = ApiKey.create(user.id, "for test") db.session.commit() # create a mailbox mb = Mailbox.create(user_id=user.id, email="*****@*****.**") db.session.commit() # update mailbox email r = flask_client.put( f"/api/mailboxes/{mb.id}", headers={"Authentication": api_key.code}, json={"email": "*****@*****.**"}, ) assert r.status_code == 200 mb = Mailbox.get(mb.id) assert mb.new_email == "*****@*****.**" # cancel mailbox email change r = flask_client.put( url_for("api.delete_mailbox", mailbox_id=mb.id), headers={"Authentication": api_key.code}, json={"cancel_email_change": True}, ) assert r.status_code == 200 mb = Mailbox.get(mb.id) assert mb.new_email is None
def test_out_of_quota(flask_client): user = User.create(email="[email protected]", password="******", name="Test User", activated=True) db.session.commit() # create api_key api_key = ApiKey.create(user.id, "for test") db.session.commit() # create 3 custom alias to run out of quota GenEmail.create_new(user.id, prefix="test") GenEmail.create_new(user.id, prefix="test") GenEmail.create_new(user.id, prefix="test") r = flask_client.post( url_for("api.new_custom_alias", hostname="www.test.com"), headers={"Authentication": api_key.code}, json={ "alias_prefix": "prefix", "alias_suffix": f".abcdef@{EMAIL_DOMAIN}" }, ) assert r.status_code == 400 assert r.json == { "error": "You have reached the limitation of a free account with the maximum of 3 aliases, please upgrade your plan to create more aliases" }
def test_update_alias_mailbox(flask_client): user = User.create(email="[email protected]", password="******", name="Test User", activated=True) db.session.commit() mb = Mailbox.create(user_id=user.id, email="*****@*****.**", verified=True) # create api_key api_key = ApiKey.create(user.id, "for test") db.session.commit() alias = Alias.create_new_random(user) db.session.commit() r = flask_client.put( url_for("api.update_alias", alias_id=alias.id), headers={"Authentication": api_key.code}, json={"mailbox_id": mb.id}, ) assert r.status_code == 200 # fail when update with non-existing mailbox r = flask_client.put( url_for("api.update_alias", alias_id=alias.id), headers={"Authentication": api_key.code}, json={"mailbox_id": -1}, ) assert r.status_code == 400
def test_set_mailbox_as_default(flask_client): user = User.create(email="[email protected]", password="******", name="Test User", activated=True) db.session.commit() # create api_key api_key = ApiKey.create(user.id, "for test") db.session.commit() # create a mailbox mb = Mailbox.create(user_id=user.id, email="*****@*****.**") db.session.commit() assert user.default_mailbox_id != mb.id r = flask_client.put( url_for("api.delete_mailbox", mailbox_id=mb.id), headers={"Authentication": api_key.code}, json={"default": True}, ) assert r.status_code == 200 mb = Mailbox.get(mb.id) assert user.default_mailbox_id == mb.id
def test_success_with_pagination(flask_client): user = User.create(email="[email protected]", password="******", name="Test User", activated=True) db.session.commit() # create api_key api_key = ApiKey.create(user.id, "for test") db.session.commit() # create more aliases than PAGE_LIMIT for _ in range(PAGE_LIMIT + 1): GenEmail.create_new_random(user.id) db.session.commit() # get aliases on the 1st page, should return PAGE_LIMIT aliases r = flask_client.get( url_for("api.get_aliases", page_id=0), headers={"Authentication": api_key.code}, ) assert r.status_code == 200 assert len(r.json["aliases"]) == PAGE_LIMIT # get aliases on the 2nd page, should return 2 aliases # as the total number of aliases is PAGE_LIMIT +2 # 1 alias is created when user is created r = flask_client.get( url_for("api.get_aliases", page_id=1), headers={"Authentication": api_key.code}, ) assert r.status_code == 200 assert len(r.json["aliases"]) == 2
def test_get_mailboxes(flask_client): user = User.create( email="[email protected]", password="******", name="Test User", activated=True ) db.session.commit() # create api_key api_key = ApiKey.create(user.id, "for test") db.session.commit() Mailbox.create(user_id=user.id, email="*****@*****.**", verified=True) Mailbox.create(user_id=user.id, email="*****@*****.**", verified=False) db.session.commit() r = flask_client.get( "/api/mailboxes", headers={"Authentication": api_key.code}, ) assert r.status_code == 200 # [email protected] is not returned as it's not verified assert len(r.json["mailboxes"]) == 2 for mb in r.json["mailboxes"]: assert "email" in mb assert "id" in mb assert "default" in mb assert "creation_timestamp" in mb assert "nb_alias" in mb assert "verified" in mb
def test_success(flask_client): user = User.create(email="[email protected]", password="******", name="Test User", activated=True) db.session.commit() # create api_key api_key = ApiKey.create(user.id, "for test") db.session.commit() r = flask_client.post( url_for("api.new_random_alias", hostname="www.test.com"), headers={"Authentication": api_key.code}, ) assert r.status_code == 201 assert r.json["alias"].endswith(EMAIL_DOMAIN) # assert returned field res = r.json assert "id" in res assert "email" in res assert "creation_date" in res assert "creation_timestamp" in res assert "nb_forward" in res assert "nb_block" in res assert "nb_reply" in res assert "enabled" in res assert "note" in res
def test_delete_contact(flask_client): user = User.create(email="[email protected]", password="******", name="Test User", activated=True) db.session.commit() # create api_key api_key = ApiKey.create(user.id, "for test") db.session.commit() alias = Alias.create_new_random(user) db.session.commit() contact = Contact.create( alias_id=alias.id, website_email="*****@*****.**", reply_email="*****@*****.**", user_id=alias.user_id, ) db.session.commit() r = flask_client.delete( url_for("api.delete_contact", contact_id=contact.id), headers={"Authentication": api_key.code}, ) assert r.status_code == 200 assert r.json == {"deleted": True}
def create_authorization_header(service_id=None, key_type=KEY_TYPE_NORMAL): if service_id: client_id = str(service_id) secrets = ApiKey.query.filter_by(service_id=service_id, key_type=key_type).all() if secrets: secret = secrets[0].secret else: service = dao_fetch_service_by_id(service_id) data = { 'service': service, 'name': uuid.uuid4(), 'created_by': service.created_by, 'key_type': key_type } api_key = ApiKey(**data) save_model_api_key(api_key) secret = api_key.secret else: client_id = current_app.config['ADMIN_CLIENT_USER_NAME'] secret = current_app.config['ADMIN_CLIENT_SECRET'] token = create_jwt_token(secret=secret, client_id=client_id) return 'Authorization', 'Bearer {}'.format(token)
def decorated_function(*args, **kwargs): keys = ApiKey.get_all() for api_key in keys: if request.headers.get( 'X-Api-Key') and api_key.key == request.headers.get( 'X-Api-Key'): return view_function(*args, **kwargs) abort(401)