def test_get_endpoint_invalid(self):
# Test for a unknown section
resp = tools.make_bot_request(
tools.generate_guildapi_path() + r"config/%20%",
method = "GET"
)
tools.assure_identical_response(resp, unknown_config_response)
# Test for a invalid guild
resp = tools.make_bot_request(
f"/api/guilds/true/config/general",
method = "GET"
)
# FastAPI itself denies this one as it doesnt match a proper type
assert resp.status_code == 422
def test_patch_endpoint_invalid(self):
# Test for a unknown section
resp = tools.make_bot_request(
tools.generate_guildapi_path() + "config/spooky",
method = "PATCH",
body = patch_body
)
tools.assure_identical_response(resp, unknown_config_response)
# Test for a invalid guild
resp = tools.make_bot_request(
f"/api/guilds/292782/config/general",
method = "PATCH",
body = patch_body
)
tools.assure_identical_response(resp, bad_request_response)
def test_post_endpoint_invalid(self):
# Test for an unknown section
resp = tools.make_bot_request(
tools.generate_guildapi_path() + "config/''",
method = "POST",
body = post_body
)
tools.assure_identical_response(resp, unknown_config_response)
# Test for a invalid guild
resp = tools.make_bot_request(
f"/api/guilds/{-1111}/config/general",
method = "POST",
body = post_body
)
tools.assure_identical_response(resp, bad_request_response)
def test_mute_endpoint_invalid(self):
# Test for a bad guild
resp = tools.make_bot_request(
f"/api/guilds/{-1111}/mute",
method = "POST",
body = {
"action": "setup",
"role_id": 9999
}
)
tools.assure_identical_response(resp, bad_request_response)
# Test for request body parts, grouped for clarity
def validate_body_parts():
# Has action, no role_id
resp = self.make_mute_post({"action": "setup"})
tools.assure_identical_response(resp, no_roleid_response)
# Has role_id, no action
resp = self.make_mute_post({"role_id": 99999})
tools.assure_identical_response(resp, bad_request_response)
# Extra, unknown, fields
resp = self.make_mute_post({"action": "setup", "role_id": 99999, "test": True})
tools.assure_identical_response(resp, bad_request_response)
validate_body_parts()
# Test for a bad role_id
resp = self.make_mute_post({"action": "cleanup", "role_id": -11111})
tools.assure_identical_response(resp, bad_request_response)
# Test for improper role_id type
resp = self.make_mute_post({"action": "cleanup", "role_id": "Spooky"})
tools.assure_identical_response(resp, bad_request_response)
# Test for improper action type
resp = self.make_mute_post({"action": True, "role_id": 99999})
tools.assure_identical_response(resp, bad_request_response)
# Test for a non-existant action
resp = self.make_mute_post({"action": "spooky", "role_id": 99999})
tools.assure_identical_response(resp, bad_request_response)
def test_oauth_callback():
# These tests ensures all the proper protections are in place, not the actual OAuth flow
# No state key
resp = noauth_client.request("GET", "/api/discord/callback", allow_redirects=False)
tools.assure_identical_response(resp, bad_oauth_response)
# No OAuth code
state_key = "spooky"
resp = noauth_client.request(
"GET",
f"/api/discord/callback?state={state_key}",
allow_redirects = False,
cookies = {"state_key": state_key}
)
tools.assure_identical_response(resp, bad_oauth_response)
# Make sure we handle user OAuth denials properly
resp = noauth_client.request("GET", "/api/discord/callback?error=denied", allow_redirects=False)
assert resp.status_code == 302
assert resp.headers["location"] == CLIENT_URL
def validate_body_parts():
# Has action, no role_id
resp = self.make_mute_post({"action": "setup"})
tools.assure_identical_response(resp, no_roleid_response)
# Has role_id, no action
resp = self.make_mute_post({"role_id": 99999})
tools.assure_identical_response(resp, bad_request_response)
# Extra, unknown, fields
resp = self.make_mute_post({"action": "setup", "role_id": 99999, "test": True})
tools.assure_identical_response(resp, bad_request_response)
def test_endpoint_invalid(self):
# Test for a bad guild ID
resp = tools.make_bot_request("/api/guilds/-1111/info")
tools.assure_identical_response(resp, bad_request_response)
def test_bot_offline(self):
# Test to assure the API handles a bot outage properly
resp = tools.make_bot_request("/api/whoami")
tools.assure_identical_response(resp, no_reply_response)