コード例 #1
0
 def setUp(self):
     self.key_owner = User(username="******")
     self.key_owner.save()
     self.token = Token(description='test key valid', owner=self.key_owner, is_valid=True)
     self.key_invalid = Token(description='test key invalid', owner=self.key_owner)
     self.token.save()
     self.key_invalid.save()
コード例 #2
0
class TokenModelTest(TestCase):
    fixtures = ['tokit/fixtures/initial_data.json']
    def setUp(self):
        self.c = Client()
        self.key_owner = User(username="******")
        self.key_owner.save()
        self.token = Token(description='test key valid', owner=self.key_owner, is_valid=True)
        self.key_invalid = Token(description='test key invalid', owner=self.key_owner)
        self.token.save()
        self.key_invalid.save()
        self.request = HttpRequest()
        
    def tearDown(self):
        self.key_owner.delete()

    def test_extract_api_key_should_return_a_key_when_set_in_header(self):
        self.assertEqual(extract_api_key(self.request), None)
        self.request.META['HTTP_API_KEY'] = 12345
        self.assertEqual(extract_api_key(self.request), 12345)

    def test_extract_api_key_should_return_the_key_from_the_querystring_for_get(self):
        self.request.method = "GET"
        self.request.GET['api_key'] = 12345
        self.assertEqual(extract_api_key(self.request), 12345)
        
    def test_extract_api_key_should_return_the_key_from_the_querystring_for_post(self):
        self.request.method = "POST"
        self.request.POST['api_key'] = 12345
        self.assertEqual(extract_api_key(self.request), 12345)
コード例 #3
0
    def test_has_permission_should_return_a_boolean_specifying_if_the_key_has_the_requested_permission(self):
        token = Token(description='test key', owner=self.key_owner, is_valid=True)
        token.save()
        token.permissions.add(TokenPermission.objects.get(codename='can_get_from_api'))
        key_postandget = Token(description='test key', owner=self.key_owner, is_valid=True)
        key_postandget.save()
        key_postandget.permissions.add(TokenPermission.objects.get(codename='can_get_from_api'))
        key_postandget.permissions.add(TokenPermission.objects.get(codename='can_post_to_api'))

        self.assertTrue(token.has_permission('can_get_from_api'))
        self.assertFalse(token.has_permission('can_post_to_api'))
        self.assertTrue(key_postandget.has_permission('can_get_from_api'))
        self.assertTrue(key_postandget.has_permission('can_post_to_api'))
コード例 #4
0
 def setUp(self):
     self.key_owner = User(username="******")
     self.key_owner.save()
     self.api_key = Token(key="101010", owner=self.key_owner)
     self.api_key.access_count_last_day = 0
     self.api_key.save()
     self.api_key.permissions.add(TokenPermission.objects.get(codename='can_get_from_api'))
     self.api_key.permissions.add(TokenPermission.objects.get(codename='can_post_to_api'))
コード例 #5
0
 def test_has_all_permissions_should_return_a_boolean_if_token_has_all_required_permissions(self):
     key_postandget = Token(description='test key', owner=self.key_owner, is_valid=True)
     key_postandget.save()
     key_postandget.permissions.add(TokenPermission.objects.get(codename='can_get_from_api'))
     key_postandget.permissions.add(TokenPermission.objects.get(codename='can_post_to_api'))
     permissions = ['can_get_from_api', 'can_post_to_api']
     permissions_false = ['can_vote_in_china', 'can_get_from_api']
     
     self.assertTrue(key_postandget.has_all_permissions(permissions))
     self.assertFalse(key_postandget.has_all_permissions(permissions_false))
     key_postandget.delete()
コード例 #6
0
 def test_decorated_function_should_fail_if_key_dont_have_permission_assign(self) :
     token = Token(key="101011", owner=self.key_owner)
     token.is_valid = True
     token.save()
     @validate_token(permissions=['can_post_to_api'])
     def silly_fun(req) :
         return "success"
     request = Dummy()
     request.POST = {"api_key" : token.key }
     request.method = "POST"
     result = silly_fun(request)
     self.assertEqual(result.content, """{"msg": "Error this key does not have the permission to access this call", "status": -997, "API_KEY": "101011", "method": "POST"}""")
     token.delete()
コード例 #7
0
class DecoratorsTest(TestCase) :
    fixtures = ['tokit/fixtures/initial_data.json']
    def setUp(self):
        self.key_owner = User(username="******")
        self.key_owner.save()
        self.api_key = Token(key="101010", owner=self.key_owner)
        self.api_key.access_count_last_day = 0
        self.api_key.save()
        self.api_key.permissions.add(TokenPermission.objects.get(codename='can_get_from_api'))
        self.api_key.permissions.add(TokenPermission.objects.get(codename='can_post_to_api'))
        
    def tearDown(self):
        self.api_key.delete()
        self.key_owner.delete()
        
    def test_decorated_function_should_pass_with_valid_key(self) :
        self.api_key.is_valid = True       
        self.api_key.is_internal = True
        self.api_key.save()
        @validate_token(permissions=['can_post_to_api', 'can_get_from_api'])
        def silly_fun(req) :
            return "success"
        request = Dummy()
        request.POST = { "api_key" : self.api_key.key }
        request.method = "POST"
        print silly_fun(request)
        assert silly_fun(request) == "success", "Key was found to be invalid"

    def test_decorated_function_should_fail_if_key_dont_have_permission_assign(self) :
        token = Token(key="101011", owner=self.key_owner)
        token.is_valid = True
        token.save()
        @validate_token(permissions=['can_post_to_api'])
        def silly_fun(req) :
            return "success"
        request = Dummy()
        request.POST = {"api_key" : token.key }
        request.method = "POST"
        result = silly_fun(request)
        self.assertEqual(result.content, """{"msg": "Error this key does not have the permission to access this call", "status": -997, "API_KEY": "101011", "method": "POST"}""")
        token.delete()
    
    def test_decorated_function_should_fail_with_invalid_key_POST(self) :
        self.api_key.is_valid = False
        self.api_key.is_internal = True
        self.api_key.save()
        @validate_token(permissions=['can_post_to_api', 'can_get_from_api'])
        def silly_fun(req) :
            return "success"
        request = Dummy()
        request.POST = {"api_key" : self.api_key.key }
        request.method = "POST"
        result = silly_fun(request)
        assert result.content == """{"msg": "Error INVALID API Key used please use or register a proper key", "status": -999, "API_KEY": "101010", "method": "POST"}""", "Key was found to be invalid"

    def test_decorated_function_should_fail_with_invalid_key_GET(self):
        self.api_key.is_valid = False
        self.api_key.is_internal = False
        @validate_token()
        def silly_fun(req) :
            return "success"
        request = Dummy()
        request.GET = {"api_key" : 'bob' }
        request.method = "GET"
        result = silly_fun(request)
        assert result.content == """{"msg": "Error INVALID API Key used please use or register a proper key", "status": -999, "API_KEY": "bob", "method": "GET"}""", "Expected the key to check as False"
        
    def test_decorated_function_should_valid_token_quota_is_over_limit_and_should_check_false(self):
        self.api_key.is_valid = True
        self.api_key.access_count_last_day = 1000000
        self.api_key.save()
        @validate_token()
        def silly_fun(req) :
            return "success"
        request = Dummy()
        request.GET = {"api_key" : self.api_key.key }
        request.method = "GET"
        result = silly_fun(request)
        self.assertEqual(result.content, """{"msg": "Error quota exceeded!", "status": -800, "API_KEY": "101010", "method": "GET"}""")
        
    def test_valid_token_over_its_limit_that_is_internal_should_check_true(self):
        self.api_key.is_valid = True
        self.api_key.access_count_last_day = 1000000
        self.api_key.is_internal = True
        self.api_key.save()
        @validate_token()
        def silly_fun(req) :
            return "success"
        request = Dummy()
        request.GET = {"api_key" : self.api_key.key }
        request.method = "GET"
        result = silly_fun(request)
        self.assertEqual(result, 'success')
コード例 #8
0
class TokenModelTest(TestCase):
    fixtures = ['tokit/fixtures/initial_data.json']
    def setUp(self):
        self.key_owner = User(username="******")
        self.key_owner.save()
        self.token = Token(description='test key valid', owner=self.key_owner, is_valid=True)
        self.key_invalid = Token(description='test key invalid', owner=self.key_owner)
        self.token.save()
        self.key_invalid.save()

    def tearDown(self):
        self.key_invalid.delete()
        self.token.delete()
        self.key_owner.delete()

    def test_token_should_be_able_to_generate_unique_key_on_creation(self):
        key = Token(description='test key', owner=self.key_owner)
        key.save()
        self.assertFalse(key.key in ['',0 ])
        key.delete()

    def test_is_key_valid_should_return_true_if_the_key_exist_and_is_valid(self):
        self.assertTrue(Token.objects.is_key_valid(self.token.key))
        self.assertFalse(Token.objects.is_key_valid(self.key_invalid.key))
        self.assertFalse(Token.objects.is_key_valid('asdfa-asdf-ads'))

    def test_get_permissions_should_return_a_list_of_permissions_the_token_has_set(self):
        token = Token(description='test key valid', owner=self.key_owner, is_valid=True)
        token.save()
        token.permissions.add(TokenPermission.objects.get(codename='can_get_from_api'))
        self.assertEqual(['can_get_from_api'], token.get_permissions())

    def test_has_permission_should_return_a_boolean_specifying_if_the_key_has_the_requested_permission(self):
        token = Token(description='test key', owner=self.key_owner, is_valid=True)
        token.save()
        token.permissions.add(TokenPermission.objects.get(codename='can_get_from_api'))
        key_postandget = Token(description='test key', owner=self.key_owner, is_valid=True)
        key_postandget.save()
        key_postandget.permissions.add(TokenPermission.objects.get(codename='can_get_from_api'))
        key_postandget.permissions.add(TokenPermission.objects.get(codename='can_post_to_api'))

        self.assertTrue(token.has_permission('can_get_from_api'))
        self.assertFalse(token.has_permission('can_post_to_api'))
        self.assertTrue(key_postandget.has_permission('can_get_from_api'))
        self.assertTrue(key_postandget.has_permission('can_post_to_api'))
    
    def test_has_all_permissions_should_return_a_boolean_if_token_has_all_required_permissions(self):
        key_postandget = Token(description='test key', owner=self.key_owner, is_valid=True)
        key_postandget.save()
        key_postandget.permissions.add(TokenPermission.objects.get(codename='can_get_from_api'))
        key_postandget.permissions.add(TokenPermission.objects.get(codename='can_post_to_api'))
        permissions = ['can_get_from_api', 'can_post_to_api']
        permissions_false = ['can_vote_in_china', 'can_get_from_api']
        
        self.assertTrue(key_postandget.has_all_permissions(permissions))
        self.assertFalse(key_postandget.has_all_permissions(permissions_false))
        key_postandget.delete()

    def test_has_access_should_return_true_if_token_is_internal(self):
        self.token.is_internal = True
        self.assertTrue(self.token.has_access())
        
    def test_has_access_should_validate_if_token_exceeded_access_quota_and_is_not_internal(self):
        self.token.is_internal = False
        self.token.access_count_last_day = 1800
        self.assertTrue(self.token.has_access())
        self.token.access_count_last_day = 2200
        self.assertFalse(self.token.has_access())
コード例 #9
0
 def test_get_permissions_should_return_a_list_of_permissions_the_token_has_set(self):
     token = Token(description='test key valid', owner=self.key_owner, is_valid=True)
     token.save()
     token.permissions.add(TokenPermission.objects.get(codename='can_get_from_api'))
     self.assertEqual(['can_get_from_api'], token.get_permissions())
コード例 #10
0
 def test_token_should_be_able_to_generate_unique_key_on_creation(self):
     key = Token(description='test key', owner=self.key_owner)
     key.save()
     self.assertFalse(key.key in ['',0 ])
     key.delete()