def test_spot_generate_max_count(self):
data = dict(count=100, )
sign = hash_helper.get_api_sign(self.ADMIN_SECRET, data)
headers = [('Key', self.ADMIN_KEY), ('Sign', sign)]
rv = self.app.post(self.GENERATE_URL, headers=headers, data=data)
self.assertEqual(rv.status_code, 200)
assert self.valid_xml(rv.data)
def test_spot_linking_faled_request(self):
data = dict(pids=self.random_hid, ean=self.spot.barcode)
sign = hash_helper.get_api_sign(self.ADMIN_SECRET, data)
headers = [('Key', self.ADMIN_KEY), ('Sign', sign)]
rv = self.app.post(self.LINKING_URL, headers=headers, data=data)
self.assertEqual(rv.status_code, 400)
def test_spot_free(self):
data = dict()
sign = hash_helper.get_api_sign(self.ADMIN_SECRET, data)
headers = [('Key', self.ADMIN_KEY), ('Sign', sign)]
rv = self.app.get(self.FREE_URL, headers=headers, data=data)
self.assertEqual(rv.status_code, 200)
assert self.valid_xml(rv.data)
def test_spot_linking_not_found_spot(self):
data = dict(hid=self.random_hid,
pids=self.random_hid,
ean='0011111111111')
sign = hash_helper.get_api_sign(self.ADMIN_SECRET, data)
headers = [('Key', self.ADMIN_KEY), ('Sign', sign)]
rv = self.app.post(self.LINKING_URL, headers=headers, data=data)
self.assertEqual(rv.status_code, 404)
def test_auth(self):
sign = hash_helper.get_api_sign(self.ADMIN_SECRET, self.data)
headers = [
('Key', self.FALED_KEY),
('Sign', sign)
]
rv = self.app.post(self.GENERATE_URL, headers=headers, data=self.data)
self.assertEqual(rv.status_code, 403)
def test_spot_info_faled_hid(self):
data = dict()
sign = hash_helper.get_api_sign(self.ADMIN_SECRET, data)
headers = [('Key', self.ADMIN_KEY), ('Sign', sign)]
url = "%s/hid/%s" % (self.INFO_URL, 'rwewertwrgsrg')
rv = self.app.get(url, headers=headers)
self.assertEqual(rv.status_code, 404)
def test_spot_generate(self):
sign = hash_helper.get_api_sign(self.ADMIN_SECRET, self.data)
headers = [
('Key', self.ADMIN_KEY),
('Sign', sign)
]
rv = self.app.post(self.GENERATE_URL, headers=headers, data=self.data)
self.assertEqual(rv.status_code, 200)
assert self.valid_xml(rv.data)
def test_spot_delete(self):
wallet = PaymentWallet.query.filter_by(user_id=0).first()
data = dict(hid=wallet.hard_id)
sign = hash_helper.get_api_sign(self.ADMIN_SECRET, data)
headers = [('Key', self.ADMIN_KEY), ('Sign', sign)]
rv = self.app.post(self.DELETE_URL, headers=headers, data=data)
self.assertEqual(rv.status_code, 201)
def test_spot_info_by_hid(self):
data = dict()
sign = hash_helper.get_api_sign(self.ADMIN_SECRET, data)
headers = [('Key', self.ADMIN_KEY), ('Sign', sign)]
wallet = PaymentWallet.query.first()
url = "%s/hid/%s" % (self.INFO_URL, wallet.hard_id)
rv = self.app.get(url, headers=headers)
self.assertEqual(rv.status_code, 200)
assert self.valid_xml(rv.data)
def test_spot_generate_faled_request(self):
data = dict(
count='erete',
)
sign = hash_helper.get_api_sign(self.ADMIN_SECRET, data)
headers = [
('Key', self.ADMIN_KEY),
('Sign', sign)
]
rv = self.app.post(self.GENERATE_URL, headers=headers, data=data)
self.assertEqual(rv.status_code, 405)
def test_spot_free(self):
data = dict()
sign = hash_helper.get_api_sign(self.ADMIN_SECRET, data)
headers = [
('Key', self.ADMIN_KEY),
('Sign', sign)
]
rv = self.app.get(self.FREE_URL, headers=headers, data=data)
self.assertEqual(rv.status_code, 200)
assert self.valid_xml(rv.data)
def test_spot_info_by_ean(self):
data = dict()
sign = hash_helper.get_api_sign(self.ADMIN_SECRET, data)
headers = [('Key', self.ADMIN_KEY), ('Sign', sign)]
url = "%s/ean/%s" % (self.INFO_URL, self.spot.barcode)
rv = self.app.get(url, headers=headers)
self.assertEqual(rv.status_code, 200)
assert self.valid_xml(rv.data)
def test_spot_linking_foreign_wallet(self):
wallet = PaymentWallet.query.filter(
PaymentWallet.discodes_id != self.spot.discodes_id).first()
data = dict(hid=wallet.hard_id,
pids=self.random_hid,
ean=self.spot.barcode)
sign = hash_helper.get_api_sign(self.ADMIN_SECRET, data)
headers = [('Key', self.ADMIN_KEY), ('Sign', sign)]
rv = self.app.post(self.LINKING_URL, headers=headers, data=data)
self.assertEqual(rv.status_code, 400)
def test_spot_info_faled_hid(self):
data = dict()
sign = hash_helper.get_api_sign(self.ADMIN_SECRET, data)
headers = [
('Key', self.ADMIN_KEY),
('Sign', sign)
]
url = "%s/hid/%s" % (self.INFO_URL, 'rwewertwrgsrg')
rv = self.app.get(url, headers=headers)
self.assertEqual(rv.status_code, 404)
def test_spot_linking_faled_request(self):
data = dict(
pids=self.random_hid,
ean=self.spot.barcode
)
sign = hash_helper.get_api_sign(self.ADMIN_SECRET, data)
headers = [
('Key', self.ADMIN_KEY),
('Sign', sign)
]
rv = self.app.post(self.LINKING_URL, headers=headers, data=data)
self.assertEqual(rv.status_code, 400)
def test_spot_info_by_ean(self):
data = dict()
sign = hash_helper.get_api_sign(self.ADMIN_SECRET, data)
headers = [
('Key', self.ADMIN_KEY),
('Sign', sign)
]
url = "%s/ean/%s" % (self.INFO_URL, self.spot.barcode)
rv = self.app.get(url, headers=headers)
self.assertEqual(rv.status_code, 200)
assert self.valid_xml(rv.data)
def test_spot_info_by_hid(self):
data = dict()
sign = hash_helper.get_api_sign(self.ADMIN_SECRET, data)
headers = [
('Key', self.ADMIN_KEY),
('Sign', sign)
]
wallet = PaymentWallet.query.first()
url = "%s/hid/%s" % (self.INFO_URL, wallet.hard_id)
rv = self.app.get(url, headers=headers)
self.assertEqual(rv.status_code, 200)
assert self.valid_xml(rv.data)
def test_spot_delete(self):
wallet = PaymentWallet.query.filter_by(
user_id=0).first()
data = dict(hid=wallet.hard_id)
sign = hash_helper.get_api_sign(self.ADMIN_SECRET, data)
headers = [
('Key', self.ADMIN_KEY),
('Sign', sign)
]
rv = self.app.post(self.DELETE_URL, headers=headers, data=data)
self.assertEqual(rv.status_code, 201)
def test_spot_linking_not_found_spot(self):
data = dict(
hid=self.random_hid,
pids=self.random_hid,
ean='0011111111111'
)
sign = hash_helper.get_api_sign(self.ADMIN_SECRET, data)
headers = [
('Key', self.ADMIN_KEY),
('Sign', sign)
]
rv = self.app.post(self.LINKING_URL, headers=headers, data=data)
self.assertEqual(rv.status_code, 404)
def _api_access(request):
"""Проверка прав на доступ к апи"""
headers = request.headers
if 'Key' not in headers or 'Sign' not in headers:
abort(400)
term_user = TermUser().get_by_api_key(headers['Key'])
if not term_user:
abort(403)
true_sign = hash_helper.get_api_sign(str(term_user.api_secret),
request.form)
if not true_sign == headers['Sign']:
abort(403)
def _api_access(request):
"""Проверка прав на доступ к апи"""
headers = request.headers
if 'Key' not in headers or 'Sign' not in headers:
abort(400)
term_user = TermUser().get_by_api_key(headers['Key'])
if not term_user:
abort(403)
true_sign = hash_helper.get_api_sign(
str(term_user.api_secret),
request.form)
if not true_sign == headers['Sign']:
abort(403)
def test_spot_linking_foreign_wallet(self):
wallet = PaymentWallet.query.filter(
PaymentWallet.discodes_id != self.spot.discodes_id).first()
data = dict(
hid=wallet.hard_id,
pids=self.random_hid,
ean=self.spot.barcode
)
sign = hash_helper.get_api_sign(self.ADMIN_SECRET, data)
headers = [
('Key', self.ADMIN_KEY),
('Sign', sign)
]
rv = self.app.post(self.LINKING_URL, headers=headers, data=data)
self.assertEqual(rv.status_code, 400)
def test_spot_generate_faled_request(self):
data = dict(count='erete', )
sign = hash_helper.get_api_sign(self.ADMIN_SECRET, data)
headers = [('Key', self.ADMIN_KEY), ('Sign', sign)]
rv = self.app.post(self.GENERATE_URL, headers=headers, data=data)
self.assertEqual(rv.status_code, 405)
def test_auth(self):
sign = hash_helper.get_api_sign(self.ADMIN_SECRET, self.data)
headers = [('Key', self.FALED_KEY), ('Sign', sign)]
rv = self.app.post(self.GENERATE_URL, headers=headers, data=self.data)
self.assertEqual(rv.status_code, 403)
