def test_get_session_with_anonymous_user(self):
    """Testing the GET session/ API with anonymous user

    The request must succeed, and the returned session must be reported
    as not authenticated.
    """
    # NOTE(review): no logout happens here, so this relies on the test
    # client starting out without credentials -- confirm against setUp.
    url = get_session_url()
    rsp = self.apiGet(url, expected_mimetype=session_mimetype)

    self.assertEqual(rsp['stat'], 'ok')
    self.assertTrue('session' in rsp)

    # Only read the session payload once its presence has been asserted.
    session = rsp['session']
    self.assertFalse(session['authenticated'])
def test_get_with_anonymous_user(self):
    """Testing the GET session/ API with anonymous user

    After an explicit logout the request must still succeed, and the
    session must be reported as not authenticated.
    """
    # Drop whatever credentials the test client holds so the request
    # below is made anonymously.
    self.client.logout()

    url = get_session_url()
    rsp = self.apiGet(url, expected_mimetype=session_mimetype)

    self.assertEqual(rsp["stat"], "ok")
    self.assertTrue("session" in rsp)

    # Only read the session payload once its presence has been asserted.
    session = rsp["session"]
    self.assertFalse(session["authenticated"])
def test_get_with_anonymous_user(self):
    """Testing the GET session/ API with anonymous user

    After an explicit logout the request must still succeed, and the
    session must be reported as not authenticated.
    """
    # Drop whatever credentials the test client holds so the request
    # below is made anonymously.
    self.client.logout()

    url = get_session_url()
    rsp = self.api_get(url, expected_mimetype=session_mimetype)

    self.assertEqual(rsp['stat'], 'ok')
    self.assertIn('session', rsp)

    # Only read the session payload once its presence has been asserted.
    session = rsp['session']
    self.assertFalse(session['authenticated'])
def test_get_session_with_site(self):
    """Testing the GET session/ API with a local site

    A user logged in for the local site must get an authenticated
    session whose user link is titled 'doc'.
    """
    self._login_user(local_site=True)

    url = get_session_url(self.local_site_name)
    rsp = self.apiGet(url, expected_mimetype=session_mimetype)

    self.assertEqual(rsp['stat'], 'ok')
    self.assertTrue('session' in rsp)

    session = rsp['session']
    self.assertTrue(session['authenticated'])

    # NOTE(review): 'doc' is presumably the username of the account that
    # _login_user(local_site=True) signs in -- confirm against fixtures.
    user_link = session['links']['user']
    self.assertEqual(user_link['title'], 'doc')
def test_get_session_with_logged_in_user(self):
    """Testing the GET session/ API with logged in user

    The session must be reported as authenticated, and the user link
    must be titled with the username of ``self.user``.
    """
    # NOTE(review): no login is performed in this method; presumably the
    # test case logs self.user in during setUp -- confirm.
    url = get_session_url()
    rsp = self.apiGet(url, expected_mimetype=session_mimetype)

    self.assertEqual(rsp['stat'], 'ok')
    self.assertTrue('session' in rsp)

    session = rsp['session']
    self.assertTrue(session['authenticated'])

    # The identity exposed by the session must be that of the requester.
    self.assertEqual(session['links']['user']['title'],
                     self.user.username)
def test_auth(self):
    """Testing OAuth2 authentication to the Web API with a valid token

    A bearer token carrying the ``session:read`` scope must be accepted
    by the session resource while the OAuth2 service feature is enabled.
    """
    application = self.create_oauth_application(user=self.owner)
    token = self.create_oauth_token(application, self.user, 'session:read')

    # The feature is forced on only for the duration of the request.
    with override_feature_check(oauth2_service_feature.feature_id, True):
        load_site_config()

        url = get_session_url()
        bearer = 'Bearer %s' % token.token
        rsp = self.api_get(url,
                           HTTP_AUTHORIZATION=bearer,
                           expected_mimetype=session_mimetype)

    self.assertIn('stat', rsp)
    self.assertEqual(rsp['stat'], 'ok')
def test_auth_invalid_scope(self):
    """Testing OAuth2 authentication to the Web API with a token missing
    scopes

    A bearer token that was issued without the scope the session
    resource needs must be refused with HTTP 403.
    """
    application = self.create_oauth_application(user=self.owner)

    # No scope argument is passed here, unlike the tests that request
    # 'session:read'; the token gets whatever create_oauth_token defaults
    # to.
    token = self.create_oauth_token(application, self.user)

    with override_feature_check(oauth2_service_feature.feature_id, True):
        load_site_config()

        url = get_session_url()
        bearer = 'Bearer %s' % token.token
        rsp = self.api_get(url,
                           HTTP_AUTHORIZATION=bearer,
                           expected_status=403)

    # NOTE(review): only the generic 'fail' status is asserted; the error
    # code in the payload is not checked, so a 403 raised for a different
    # reason would also pass.
    self.assertIn('stat', rsp)
    self.assertEqual(rsp['stat'], 'fail')
def test_auth_expired(self):
    """Testing OAuth2 authentication to the Web API with an expired token

    A bearer token with the right scope but an expiry offset of minus
    one hour must be refused with HTTP 401.
    """
    application = self.create_oauth_application(user=self.owner)

    # The scope is valid, so the only reason left to reject this token is
    # its expiry. The negative offset presumably places the expiry in the
    # past -- confirm against create_oauth_token.
    already_expired = timedelta(hours=-1)
    token = self.create_oauth_token(application, self.user, 'session:read',
                                    expires=already_expired)

    with override_feature_check(oauth2_service_feature.feature_id, True):
        load_site_config()

        url = get_session_url()
        bearer = 'Bearer %s' % token.token
        rsp = self.api_get(url,
                           HTTP_AUTHORIZATION=bearer,
                           expected_status=401)

    self.assertIn('stat', rsp)
    self.assertEqual(rsp['stat'], 'fail')
def test_auth_no_local_site(self):
    """Testing OAuth2 authentication to the Web API of a Local Site with
    an application not on that Local Site

    The token's user is a member of the Local Site, but the application
    was created without one, so the request must be refused with
    HTTP 401.
    """
    local_site = LocalSite.objects.get(pk=1)
    local_site.users.add(self.user)

    # The application is created without a local_site argument, so user
    # membership alone must not be enough to authorize the token there.
    application = self.create_oauth_application(user=self.owner)
    token = self.create_oauth_token(application, self.user, 'session:read')

    with override_feature_check(oauth2_service_feature.feature_id, True):
        load_site_config()

        url = get_session_url(local_site.name)
        bearer = 'Bearer %s' % token.token
        rsp = self.api_get(url,
                           HTTP_AUTHORIZATION=bearer,
                           expected_status=401)

    self.assertIn('stat', rsp)
    self.assertEqual(rsp['stat'], 'fail')
def test_auth_local_site_member(self):
    """Testing OAuth2 authentication to the Web API of a Local Site with
    an application on that Local Site as a member

    With both the application and the token's user attached to the same
    Local Site, a token carrying ``session:read`` must be accepted.
    """
    local_site = LocalSite.objects.get(pk=1)
    local_site.users.add(self.user)

    # NOTE(review): `public` is not modified in this method before being
    # the only field saved -- confirm whether this save is still needed.
    local_site.save(update_fields=('public',))

    # Precondition: the user really has access to the site, so a failure
    # below cannot be blamed on membership.
    self.assertTrue(local_site.is_accessible_by(self.user))

    application = self.create_oauth_application(user=self.owner,
                                                local_site=local_site)
    token = self.create_oauth_token(application, self.user, 'session:read')

    with override_feature_check(oauth2_service_feature.feature_id, True):
        load_site_config()

        url = get_session_url(local_site.name)
        bearer = 'Bearer %s' % token.token
        rsp = self.api_get(url,
                           HTTP_AUTHORIZATION=bearer,
                           expected_mimetype=session_mimetype)

    self.assertIn('stat', rsp)
    self.assertEqual(rsp['stat'], 'ok')
def setup_basic_delete_test(self, user, with_local_site, local_site_name):
    """Return the session URL and mimetype for the basic DELETE test.

    ``user`` and ``with_local_site`` are accepted but not used here; only
    ``local_site_name`` influences the URL. The caller is presumably a
    shared test mixin that performs the request -- confirm.
    """
    url = get_session_url(local_site_name)
    return (url, session_mimetype)
def setup_http_not_allowed_item_test(self, user):
    """Return the session URL for the HTTP-method-not-allowed item test.

    ``user`` is accepted but not used; the URL is always the one for the
    global (non-Local Site) session resource.
    """
    url = get_session_url()
    return url
def setup_basic_get_test(self, user, with_local_site, local_site_name):
    """Return the session URL, mimetype and user for the basic GET test.

    ``with_local_site`` is accepted but not used here. ``user`` is handed
    back unchanged as the third element of the tuple.
    """
    url = get_session_url(local_site_name)
    return (url, session_mimetype, user)
def test_get_session_with_site_no_access(self):
    """Testing the GET session/ API with a local site and Permission
    Denied error

    A requester without access to the local site must receive HTTP 403
    from the session resource.
    """
    # No assertion is made on the response body; the test presumably
    # relies on apiGet to check expected_status -- confirm in the helper.
    # NOTE(review): no local-site login happens in this method, so the
    # requester is whoever setUp left signed in.
    url = get_session_url(self.local_site_name)
    self.apiGet(url, expected_status=403)