def test_accounts_get_all(): # superuser & read perms dummy_accounts_fn.__module__ = "accounts" dummy_accounts_fn.__name__ = "get" for perms in perms_list: config.add_token("TESTING_token", username, perms) if perms.get("read") and perms.get("superuser"): has_access = 200 else: has_access = 401 output, ret_code = accounts_decorator(dummy_accounts_fn)() assert has_access == ret_code
def test_course_details_delete(): # Superuser and write perms dummy_access_fn.__module__ = "course_details" dummy_access_fn.__name__ = "delete" for perms in perms_list: config.add_token("TESTING_token", username, perms) if perms.get("write") and perms.get("superuser"): has_access = 200 else: has_access = 401 output, ret_code = access_decorator(dummy_access_fn)() assert has_access == ret_code
def test_gpa_cards_get(): # Levels and read perms dummy_access_fn.__module__ = "gpa_cards" dummy_access_fn.__name__ = "get" for perms in perms_list: config.add_token("TESTING_token", username, perms) if perms.get("read") and (400 in perms.get("levels", []) or perms.get("superuser")): has_access = 200 else: has_access = 401 output, ret_code = access_decorator(dummy_access_fn)(level=400) assert has_access == ret_code
def login(token): try: user = detokenize(token['token']) stored_user = User.query.filter_by(username=user['username']).first() if bcrypt.check_password_hash(stored_user.password, user['password']): token_dict = {'token': token['token']} add_token(token['token'], stored_user.username, loads(stored_user.permissions)) token_dict['title'] = stored_user.title log(user['username'], 'users.login', login, [], []) return token_dict, 200 return None, 401 except Exception: return None, 401
def test_senate_version_get(): # superuser and read perms dummy_accounts_fn.__module__ = "senate_version" dummy_accounts_fn.__name__ = "get" for perms in perms_list: config.add_token("TESTING_token", username, perms) if perms.get("read") and perms.get("superuser"): has_access = 200 else: has_access = 401 output, ret_code = accounts_decorator(dummy_accounts_fn)( acad_session=2019) assert has_access == ret_code
def test_accounts_get_managed(): # usernames and read perms dummy_accounts_fn.__module__ = "accounts" dummy_accounts_fn.__name__ = "get" for perms in perms_list: config.add_token("TESTING_token", username, perms) if perms.get("read") and (perms.get("superuser") or "lordfme" in perms.get("usernames", [])): has_access = 200 else: has_access = 401 output, ret_code = accounts_decorator(dummy_accounts_fn)( username="******") assert has_access == ret_code
def test_course_reg_init_new(): # Levels and read perms dummy_access_fn.__module__ = "course_reg" dummy_access_fn.__name__ = "init_new" for perms in perms_list: config.add_token("TESTING_token", username, perms) if perms.get("read") and (400 in perms.get("levels", []) or perms.get("superuser")): has_access = 200 else: has_access = 401 output, ret_code = access_decorator(dummy_access_fn)( mat_no=student_400, acad_session=2019) assert has_access == ret_code
def test_personal_info_post(): # Levels & write perms dummy_access_fn.__module__ = "personal_info" dummy_access_fn.__name__ = "post_exp" student_data = {"mat_no": "ENG1603123", "level": 400} for perms in perms_list: config.add_token("TESTING_token", username, perms) if perms.get("write") and (student_data["level"] in perms.get( "levels", []) or perms.get("superuser")): has_access = 200 else: has_access = 401 output, ret_code = access_decorator(dummy_access_fn)(data=student_data) assert has_access == ret_code
def test_personal_info_get(): # Levels & read perms dummy_access_fn.__module__ = "personal_info" dummy_access_fn.__name__ = "get_exp" for perms in perms_list: config.add_token("TESTING_token", username, perms) if perms.get("read") and (400 in perms.get("levels", []) or perms.get("superuser")): has_access = 200 else: has_access = 401 output, ret_code = access_decorator(dummy_access_fn)( mat_no=student_400) assert has_access == ret_code
def test_accounts_put(): # superuser and write perms dummy_accounts_fn.__module__ = "accounts" dummy_accounts_fn.__name__ = "patch" for perms in perms_list: config.add_token("TESTING_token", username, perms) if perms.get("write") and perms.get("superuser"): has_access = 200 else: has_access = 401 output, ret_code = accounts_decorator(dummy_accounts_fn)( data={ "username": username }, superuser=True) assert has_access == ret_code
def test_course_reg_put(): # Superuser and write perms dummy_access_fn.__module__ = "course_reg" dummy_access_fn.__name__ = "put" for perms in perms_list: config.add_token("TESTING_token", username, perms) if perms.get("write") and perms.get("superuser"): has_access = 200 else: has_access = 401 output, ret_code = access_decorator(dummy_access_fn)( data={ "mat_no": student_400 }) assert has_access == ret_code
def test_accounts_manage_other(): # usernames and write perms dummy_accounts_fn.__module__ = "accounts" dummy_accounts_fn.__name__ = "patch" for perms in perms_list: config.add_token("TESTING_token", username, perms) if perms.get("write") and (perms.get("superuser") or "lordfme" in perms.get("usernames", [])): has_access = 200 else: has_access = 401 output, ret_code = accounts_decorator(dummy_accounts_fn)( data={ "username": "******" }) assert has_access == ret_code
def test_setup_env(): config.add_token("TESTING_token", "users_test", {})
def test_setup_env(): config.add_token("TESTING_token", "accounts_test", perms) delete_account(acct_base["username"])
def test_setup_env(): config.add_token("TESTING_token", "coursedetails_test", {"superuser":True, "write": True, "read": True}) cur.execute(*sql_del_course()) cur.execute(*sql_del_course(inv_crs_val_2[0])) conn.commit()
def test_setup_env(): config.add_token("TESTING_token", "personalinfo_test", perms) delete_student("ENGTESTING")
def test_add_token(): config.add_token(*my_token) assert token in config.tokens assert config.tokens[token].get("user") == user assert config.tokens[token].get("perms") == perms config.tokens.pop(token)