def test_bookmarklet(mockConfig, apiServer, specialUsers, weirdo, recipePageHTML):
"""
Does api/bookmarklet fetch, save, and return a response for the recipe?
"""
pGet = patch.object(treq, 'get', return_value=defer.succeed(None), autospec=True)
pTreqContent = patch.object(treq, 'content', return_value=defer.succeed(recipePageHTML), autospec=True)
with pGet, pTreqContent:
# normal bookmarkleting
reqJS = requestJSON([], session_user=weirdo)
reqJS.args['uri'] = ['http://www.foodandwine.com/recipes/poutine-style-twice-baked-potatoes']
ret = yield apiServer.handler('bookmarklet', reqJS)
assert len(recipe.Recipe.objects()) == 1
expectedResults = server.ClipResponse(
status=RS.ok, message='',
recipes=[{"name": "Delicious Meatless Meatballs", "urlKey": "weirdo-gmail-com-delicious-meatless-meatballs-"}]
)
assert ret == expectedResults
# not signed in to noms; bookmarkleting should not be allowed
reqJS = requestJSON([])
reqJS.args['uri'] = ['http://www.foodandwine.com/recipes/poutine-style-twice-baked-potatoes']
ret = yield apiServer.handler('bookmarklet', reqJS)
expectedResults = server.ClipResponse(
status=RS.error, message=server.ResponseMsg.notLoggedIn,
recipes=[],
)
assert ret == expectedResults
def test_sso(mockConfig, apiServer, req, weirdo):
"""
Does /api/sso create or return a good user?
"""
pPost = patch.object(treq, 'post',
return_value=defer.succeed(None),
autospec=True)
pGet = patch.object(treq, 'get',
return_value=defer.succeed(None),
autospec=True)
@defer.inlineCallbacks
def negotiateSSO(req=req, **user):
def auth0tokenizer():
return defer.succeed({'access_token': 'IDK!@#BBQ'})
def auth0userGetter():
return defer.succeed(dict(**user))
pContent = patch.object(treq, 'json_content',
side_effect=[auth0tokenizer(), auth0userGetter()],
autospec=True)
with pPost as mPost, pGet as mGet, pContent:
yield apiServer.handler('sso', req)
mPost.assert_called_once_with(
server.TOKEN_URL,
json.dumps({'client_id': 'abc123',
'client_secret': 'ABC!@#',
'redirect_uri': 'https://' + CONFIG.public_hostname + '/api/sso',
'code': 'idk123bbq',
'grant_type': 'authorization_code',
}, sort_keys=True),
headers=ANY)
mGet.assert_called_once_with(server.USER_URL + 'IDK!@#BBQ')
# test once with an existing user
reqJS = requestJSON([], args={'code': ['idk123bbq']})
yield negotiateSSO(reqJS, email=weirdo.email)
assert reqJS.getSession().user == weirdo
assert reqJS.responseCode == 302
assert reqJS.responseHeaders.getRawHeaders('location') == ['/']
# test again with a new user
reqJS = requestJSON([], args={'code': ['idk123bbq']})
yield negotiateSSO(reqJS,
email='*****@*****.**',
family_name='2',
given_name='weirdo'
)
assert reqJS.getSession().user.email == '*****@*****.**'
assert reqJS.responseCode == 302
assert reqJS.responseHeaders.getRawHeaders('location') == ['/']
def test_fromToken(mockDatabase, localapi):
"""
Can I construct an auth token from user that returns that same user?
"""
rq = requestJSON([], user=localapi)
u = user.User.fromRequest(rq)
assert u.id == localapi.id
# Create a deliberately incorrect token and see if it fails to auth
# (failure == anonymous user)
rq2 = requestJSON([], requestHeaders=[('x-token', ['asdfasdf'])])
u2 = user.User.fromRequest(rq2)
assert u2 is user.USER().anonymous
def test_createRecipeSave(mockConfig, apiServer, weirdo, weirdSoupPOST):
"""
Do we save data from the create form successfully?
"""
reqJS = requestJSON([], content=weirdSoupPOST, session_user=weirdo)
resp = yield apiServer.handler('createRecipeSave', reqJS)
assert resp == OK(message='weirdo-gmail-com-weird-soup-')
# the second time we should get an error because it exists
reqJS = requestJSON([], content=weirdSoupPOST, session_user=weirdo)
resp = yield apiServer.handler('createRecipeSave', reqJS)
assert resp == ERROR(message=server.ResponseMsg.renameRecipe)
anonJS = requestJSON([])
with raises(Forbidden):
yield apiServer.handler('createRecipeSave', anonJS)
def test_user(mockConfig, apiServer, weirdo):
"""
Does /api/user return the current user?
"""
req = requestJSON([], session_user=weirdo)
r = yield apiServer.handler('user', req)
assert r.email == '*****@*****.**'
def test_setHash(mockConfig, apiServer, localapi):
"""
Do I update the static hash setting via the API?
Am I able to access the API with token-based auth?
- using requestJSON(...user=)
"""
rq = requestJSON([], user=localapi)
resp = yield apiServer.handler('setHash', rq, hash='orange-banana-peach')
assert resp == OK(message="hash='orange-banana-peach'")
def test_saveRecipe(mockConfig, apiServer, weirdo, recipes):
"""
Does /api/recipe/urlKey/save ... save a specific recipe?
"""
content = dict(
name='Weird soup',
author='Weird Soup Man',
ingredients=['weirdness', 'soup'],
instructions=['mix together ingredients', 'heat through'],
)
reqJS = requestJSON([], content=content)
resp = yield apiServer.handler('saveRecipe', reqJS, urlKey='weird-sandwich-cory-')
assert resp == OK()
def test_noRecipeToBookmark(mockConfig, weirdo, apiServer):
"""
Does the application still work if there are no recipes?
"""
pageSource = ''
pGet = patch.object(treq, 'get', return_value=defer.succeed(None), autospec=True)
pTreqContent = patch.object(treq, 'content', return_value=defer.succeed(pageSource), autospec=True)
with pGet, pTreqContent:
reqJS = requestJSON([], session_user=weirdo)
reqJS.args['uri'] = ['http://www.foodandwine.com/recipes/poutine-style-twice-baked-potatoes']
ret = yield apiServer.handler('bookmarklet', reqJS)
expectedResults = server.ClipResponse(
status=RS.error, message=server.ResponseMsg.noRecipe,
recipes=[],
)
assert ret == expectedResults
def reqJS():
"""
Basic empty request that uses JSON request wrapping/unwrapping
"""
return requestJSON([])