def test_validate_release_access_with_auth_header_and_invalid_token(rf):
user = UserFactory()
workspace = WorkspaceFactory()
# set a token so the user is considered a bot
user.rotate_token()
request = rf.get("/", HTTP_AUTHORIZATION=f"{user.username}:invalid")
request.user = AnonymousUser()
with pytest.raises(PermissionDenied):
validate_release_access(request, workspace)
def test_jobrequestapicreate_success(api_rf, pipeline_config):
backend = BackendFactory()
workspace = WorkspaceFactory()
user = UserFactory()
token = user.rotate_token()
assert not JobRequest.objects.exists()
data = {
"workspace": workspace.name,
"backend": backend.slug,
"sha": "123",
"project_definition": pipeline_config,
"requested_actions": ["test"],
}
request = api_rf.post("/",
HTTP_AUTHORIZATION=f"{user.username}:{token}",
data=data)
response = JobRequestAPICreate.as_view()(request)
assert response.status_code == 201, response.data
assert JobRequest.objects.count() == 1
job_request = JobRequest.objects.first()
assert job_request.workspace == workspace
def test_validate_release_access_with_auth_header_success(rf):
user = UserFactory()
workspace = WorkspaceFactory()
token = user.rotate_token()
request = rf.get("/", HTTP_AUTHORIZATION=f"{user.username}:{token}")
request.user = AnonymousUser()
assert validate_release_access(request, workspace) is None
def test_validate_release_access_with_auth_header_and_unknown_user(rf):
user = UserFactory()
workspace = WorkspaceFactory()
token = user.rotate_token()
request = rf.get("/", HTTP_AUTHORIZATION=f"0:{token}")
request.user = AnonymousUser()
with pytest.raises(NotAuthenticated):
validate_release_access(request, workspace)
