def test_refresh_token_session_expires(self):
"""用户刷新 access_token 时遇到会话过期
"""
password = "******"
user = User(username="******", password=password)
self.db.add(user)
self.db.commit()
resp = self.api_post("/token", body={
"username": user.username,
"password": password,
})
body = get_body_json(resp)
refresh_token = body["data"]["refresh_token"]
for session in self.db.query(UserSession).filter_by(
user_id=user.id).all():
session.expires_in = (
datetime.datetime.utcnow() + datetime.timedelta(seconds=60))
resp = self.api_post("/token/refresh", body={
"refresh_token": refresh_token,
})
self.assertEqual(resp.code, 200)
sessions = self.db.query(UserSession).filter_by(user_id=user.id)
self.assertEqual(sessions.count(), 1)
session = sessions.first()
self.assertNotEqual(session.refresh_token, refresh_token)
def test_delete_success(self):
"""删除成功
"""
username = "******"
password = "******"
user = User(username=username, password=password)
self.db.add(user)
self.db.commit()
app_total = 12
for i in range(app_total):
app = App(user=user, name="testapp" + str(i), app_secret="secret")
self.db.add(app)
self.db.add(
App(user=self.current_user, name="anotherapp",
app_secret="secret"))
self.db.commit()
self.assertEqual(self.db.query(App).count(), app_total + 1)
resp = self.api_delete(f"/user/{user.uuid}")
body = get_body_json(resp)
self.assertEqual(resp.code, 200)
self.validate_default_success(body)
del user
self.assertEqual(self.db.query(App).count(), 1)
user = self.db.query(User).filter_by(username=username).first()
self.assertIsNone(user)
def test_success(self):
"""正确
"""
user = User(uuid=str(uuid.uuid4()))
self.db.add(user)
total = 10
user_role_total = 5
basename = "myrole"
for i in range(total):
role = Role(name=basename + str(i))
self.db.add(role)
if i < user_role_total:
user.roles.append(role)
self.db.commit()
resp = self.api_get(f"/user/{user.uuid}/role")
body = get_body_json(resp)
self.assertEqual(resp.code, 200)
self.validate_default_success(body)
spec = self.rs.get_user_id_role.op_spec["responses"]["200"]["schema"]
api.validate_object(spec, body)
self.assertEqual([basename + str(i) for i in range(user_role_total)],
sorted([role["name"] for role in body["data"]]))
def test_many_apps(self):
"""有 App
"""
app_total = 12
for i in range(app_total):
app = App(user=self.current_user,
name="testapp" + str(i),
app_secret="secret")
self.db.add(app)
user = User(username="******", password="******")
self.db.add(user)
self.db.add(App(user=user, name="anotherapp", app_secret="secret"))
self.db.commit()
self.assertEqual(self.db.query(App).count(), app_total + 1)
resp = self.api_get("/app")
body = get_body_json(resp)
self.assertEqual(resp.code, 200)
self.validate_default_success(body)
self.assertEqual(len(body["data"]), app_total)
self.assertEqual(
sorted([item["name"] for item in body["data"]]),
sorted(["testapp" + str(i) for i in range(app_total)]))
def test_remove_success(self):
"""删除成功
"""
user = User(uuid=str(uuid.uuid4()))
self.db.add(user)
self.db.commit()
remove_role_total = 3
remove_role_list = []
role_total = 12
role_basename = "test-role"
for i in range(role_total):
role = Role(name=role_basename + str(i))
self.db.add(role)
user.roles.append(role)
self.db.commit()
if i < remove_role_total:
remove_role_list.append(str(role.uuid))
user_id = user.uuid
del user
resp = self.api_post(f"/user/{user_id}/role/remove",
body={
"roles": remove_role_list,
})
body = get_body_json(resp)
self.assertEqual(resp.code, 200)
self.validate_default_success(body)
user = self.db.query(User).filter_by(uuid=user_id).one()
self.assertEqual(len(user.roles), role_total - remove_role_total)
def test_user_exist(self):
"""使用存在的用户ID
"""
user = User(uuid=str(uuid.uuid4()))
self.db.add(user)
self.db.commit()
self.append_roles(str(user.uuid))
def setUp(self):
# 每个 testcase 执行前都会执行
super().setUp()
dbc.create_all()
self.current_user = User(uuid=str(uuid.uuid4()))
self.db.add(self.current_user)
self.db.commit()
self.http_request_headers = {"X-User-Id": str(self.current_user.uuid)}
def get_current_user(self):
uid = self.request.headers.get("X-User-Id")
if not uid:
raise HTTPError(403, reason="no-x-user-id")
user = self.db.query(User).filter_by(uuid=uid).first()
if not user:
user = User(uuid=uid)
self.db.add(user)
self.db.commit()
return user
def test_update_success(self):
"""更新成功
"""
username = "******"
password = "******"
user = User(username=username, password=password)
self.db.add(user)
self.db.commit()
resp = self.api_post(f"/user/{user.uuid}",
body={
"username": username + ":new",
"password": password + ":new",
})
body = get_body_json(resp)
self.assertEqual(resp.code, 200)
self.validate_default_success(body)
del user
user = self.db.query(User).filter_by(username=username + ":new").one()
self.assertEqual(user.validate_password(password + ":new"), True)
def test_not_my_app(self):
"""不是我的 App
"""
user = User(username="******", password="******")
self.db.add(user)
self.db.commit()
app = App(user=user, name="app", app_secret="secret")
self.db.add(app)
self.db.commit()
resp = self.api_delete(f"/app/{app.app_id}")
self.validate_not_found(resp)
def test_gen_token(self):
"""gen_token
"""
user = User(username="******", password="******")
self.db.add(user)
self.db.commit()
expires_in = datetime.datetime.utcnow() + datetime.timedelta(
seconds=int(settings.APP_ACCESS_TOKEN_AGE))
tok = gen_token(user, expired=expires_in)
payload = decode_token(tok)
self.assertEqual(str(user.uuid), payload["uid"])
def setUp(self):
# 每个 testcase 执行前都会执行
super().setUp()
dbc.create_all()
self.current_username = "******"
self.current_password = "******"
self.current_user = User(
username=self.current_username,
password=self.current_password)
self.db.add(self.current_user)
self.db.commit()
self.http_request_headers = {"X-User-Id": str(self.current_user.uuid)}
def test_username_exist(self):
"""用户名存在
"""
username = "******"
user = User(username=username, password="******")
self.db.add(user)
self.db.commit()
self.assertEqual(user.is_active, True)
resp = self.api_post(f"/user/{user.uuid}",
body={"username": self.current_username})
body = get_body_json(resp)
self.assertEqual(resp.code, 400)
validate_default_error(body)
self.assertEqual(body["status"], "username-exist")
def test_is_active_false(self):
"""禁止用户
"""
username = "******"
user = User(username=username, password="******")
self.db.add(user)
self.db.commit()
self.assertEqual(user.is_active, True)
resp = self.api_post(f"/user/{user.uuid}", body={"is_active": False})
body = get_body_json(resp)
self.assertEqual(resp.code, 200)
self.validate_default_success(body)
del user
user = self.db.query(User).filter_by(username=username).one()
self.assertEqual(user.is_active, False)
def setUp(self):
super().setUp()
user = User(uuid=str(uuid.uuid4()))
self.db.add(user)
role = Role(name="test-role")
self.db.add(role)
user.roles.append(role)
perm = Permission(name="test-permission")
self.db.add(perm)
role.permissions.append(perm)
self.db.commit()
self.user = user
self.permission = perm
def setUp(self):
super().setUp()
total = 5
basename = "fortest"
for _ in range(total):
user = User(uuid=str(uuid.uuid4()))
self.db.add(user)
self.db.commit()
for j in range(total):
role = Role(name=str(user.id) + basename + str(j))
self.db.add(role)
user.roles.append(role)
self.db.commit()
self.total = total * total
def post(self):
"""创建用户
"""
body = self.get_body_json()
user = self.db.query(User).filter_by(username=body["username"]).first()
if user:
self.fail("username-exist")
return
user = User(
username=body["username"],
password=body.get("password"),
)
self.db.add(user)
self.db.commit()
self.success(id=str(user.uuid))
def test_delete_success(self):
"""删除成功
"""
user = User(username="******", password="******")
self.db.add(user)
app1 = App(user=user, name="app1", app_secret="secret")
self.db.add(app1)
app2 = App(user=self.current_user, name="app2", app_secret="secret")
self.db.add(app2)
self.db.commit()
app2_id = str(app2.app_id)
resp = self.api_delete(f"/app/{app2_id}")
body = get_body_json(resp)
self.assertEqual(resp.code, 200)
self.validate_default_success(body)
del app2
self.assertEqual(self.db.query(App).count(), 1)
app = self.db.query(App).filter_by(app_id=app2_id).first()
self.assertIsNone(app)
def post(self, _id):
"""增加指定用户的角色
"""
body = self.get_body_json()
# 首先检查角色ID是否都存在
roles, notexist = self.get_roles(body["roles"])
if notexist:
self.fail(error="have-not-exist", data=notexist)
return
# 如果 user 不存在,说明还未记录过,我们这里需要创建新的 User
user = self.db.query(User).filter_by(uuid=_id).first()
if not user:
user = User(uuid=_id)
self.db.add(user)
self.db.commit()
# append roles
user.roles.extend(roles)
self.db.commit()
self.success()
def test_notexist_roles(self):
"""使用不存在的角色ID
"""
user_id = str(uuid.uuid4())
user = User(uuid=user_id)
self.db.add(user)
self.db.commit()
notexist_total = 12
resp = self.api_post(
f"/user/{user_id}/role/remove",
body={
"roles": [str(uuid.uuid4()) for i in range(notexist_total)],
})
body = get_body_json(resp)
self.assertEqual(resp.code, 400)
spec = self.rs.post_user_id_role_remove.op_spec["responses"][
"default"]["schema"]
api.validate_object(spec, body)
self.assertEqual(body["status"], "have-not-exist")
self.assertEqual(len(body["data"]), notexist_total)
