def testCreateKey(self):
        session = {
            'user': User('admin'),
        }
        Body = urlencode(dict(username='******', description="A User", formUrl='/apikeyform'))
        self.assertEquals(['admin'], self.pwd.listUsernames())

        result = joco(self.apiKey.handleRequest(session=session, Body=Body, path='/action/create', Method='POST'))
        headers, body = result.split(CRLF*2)

        self.assertTrue(' 302 ' in headers, headers)
        self.assertEquals('/apikeyform', parseHeaders(headers)['Location'])
        self.assertEquals(['admin', 'user'], sorted(self.pwd.listUsernames()))

        aList = self.apiKey.listApiKeysAndData()
        self.assertEquals(1, len(aList))
        apiKey, userdata = aList[0]
        self.assertEquals('user', userdata['username'])
        self.assertTrue(16, len(apiKey))

        result = joco(self.apiKey.handleRequest(session=session, Body=Body, path='/action/create', Method='POST'))
        headers, body = result.split(CRLF*2)

        self.assertTrue(' 302 ' in headers, headers)
        self.assertEquals('/apikeyform', parseHeaders(headers)['Location'])
        self.assertEquals(['admin', 'user'], sorted(self.pwd.listUsernames()))
        self.assertEquals({'message': {'class': 'error', 'text': 'User already exists.'}}, session['ApiKey.formValues'])

        b = ApiKey(databaseFile=join(self.tempdir, 'db'))
        self.assertEquals(aList, list(b.listApiKeysAndData()))
class ApiKeyTest(SeecrTestCase):

    def setUp(self):
        SeecrTestCase.setUp(self)
        self.apiKey = ApiKey(databaseFile=join(self.tempdir, 'db'))
        self.pwd = createPasswordFile(join(self.tempdir, 'pwd'), salt="13241")
        self.apiKey.addObserver(self.pwd)

    def testCreateKey(self):
        session = {
            'user': User('admin'),
        }
        Body = urlencode(dict(username='******', description="A User", formUrl='/apikeyform'))
        self.assertEquals(['admin'], self.pwd.listUsernames())

        result = joco(self.apiKey.handleRequest(session=session, Body=Body, path='/action/create', Method='POST'))
        headers, body = result.split(CRLF*2)

        self.assertTrue(' 302 ' in headers, headers)
        self.assertEquals('/apikeyform', parseHeaders(headers)['Location'])
        self.assertEquals(['admin', 'user'], sorted(self.pwd.listUsernames()))

        aList = self.apiKey.listApiKeysAndData()
        self.assertEquals(1, len(aList))
        apiKey, userdata = aList[0]
        self.assertEquals('user', userdata['username'])
        self.assertTrue(16, len(apiKey))

        result = joco(self.apiKey.handleRequest(session=session, Body=Body, path='/action/create', Method='POST'))
        headers, body = result.split(CRLF*2)

        self.assertTrue(' 302 ' in headers, headers)
        self.assertEquals('/apikeyform', parseHeaders(headers)['Location'])
        self.assertEquals(['admin', 'user'], sorted(self.pwd.listUsernames()))
        self.assertEquals({'message': {'class': 'error', 'text': 'User already exists.'}}, session['ApiKey.formValues'])

        b = ApiKey(databaseFile=join(self.tempdir, 'db'))
        self.assertEquals(aList, list(b.listApiKeysAndData()))

    def testWithoutAdminUserLoggedIn(self):
        session = {
            'user': User('nobody'),
        }
        Body = urlencode(dict(username='******', formUrl='/apikeyform'))

        result = joco(self.apiKey.handleRequest(session=session, Body=Body, path='/action/create', Method='POST'))
        headers, body = result.split(CRLF*2)

        self.assertTrue(' 302 ' in headers, headers)
        self.assertEquals('/apikeyform', parseHeaders(headers)['Location'])
        self.assertEquals([], list(self.apiKey.listApiKeysAndData()))
        self.assertEquals({'message': {'text': 'No admin privileges.', 'class': 'error'}}, session['ApiKey.formValues'])

    def testChangeDescription(self):
        session = {
            'user': User('admin'),
        }
        Body = urlencode(dict(username='******', formUrl='/apikeyform'))

        result = joco(self.apiKey.handleRequest(session=session, Body=Body, path='/action/create', Method='POST'))
        headers, body = result.split(CRLF*2)
        self.assertEquals(['admin', 'user'], sorted(self.pwd.listUsernames()))

        aList = self.apiKey.listApiKeysAndData()
        apiKey = aList[0][0]

        result = joco(self.apiKey.handleRequest(
            session=session, 
            Body=urlencode(dict(
                apiKey=apiKey, 
                formUrl="/apikeyform", 
                description="This is the description")), 
            path="/action/update", 
            Method="POST"))

        aList = self.apiKey.listApiKeysAndData()
        self.assertEquals(1, len(aList))
        apiKey, data = aList[0]
        self.assertEquals('This is the description', data['description'])
       
    def testGetForApiKey(self):
        self.assertEquals(None, self.apiKey.getForApiKey('nonexistent'))

        result = joco(self.apiKey.handleRequest(
            session={ 'user': User('admin')},
            Body=urlencode(dict(username='******', formUrl='/apikeyform')), 
            path='/action/create', 
            Method='POST'))
        [(apiKey, userdata)] = self.apiKey.listApiKeysAndData()

        dataByApiKey = self.apiKey.getForApiKey(apiKey)
        self.assertEquals(userdata, dataByApiKey)