def test_authorized_access_to_get_token(self): admin_role = Role.query.filter_by(name='Administrator').first() admin = User( email='*****@*****.**', username='******', role=admin_role, password='******', confirmed=True, ) db.session.add(admin) db.session.commit() headers = Headers() headers.add(*HTTP.basic_auth('*****@*****.**', 'test')) response = self.client.get(url_for('webhook.get_token'), data=json.dumps(TelegramUpdates.EMPTY), follow_redirects=True, headers=headers) self.assertEqual(response.status_code, 200, 'Failed to give access for a valid authorized user') response_json = json.loads(response.data) self.assertEqual(response_json['expiration'], 3600)
def test_setting_webhook_with_exception_raised(self, mock_requests): from requests.exceptions import RequestException mock_requests.side_effect = RequestException('Boom!') admin_role = Role.query.filter_by(name='Administrator').first() admin = User( email='*****@*****.**', username='******', role=admin_role, password='******', confirmed=True, ) db.session.add(admin) db.session.commit() headers = Headers() headers.add(*HTTP.basic_auth('*****@*****.**', 'test')) response = self.client.post(TelegramUpdates.URL_SET_WEBHOOK, data=json.dumps({}), follow_redirects=True, headers=headers) response_json = json.loads(response.data) self.assertEqual( response_json['error_code'], 599, 'Failed to return error code 599 when RequestException is thrown') mock_requests.assert_called()
def test_sethook_moderator_user(self, mock_requests): moderator_role = Role.query.filter_by(name='Moderator').first() moderator = User( email='*****@*****.**', username='******', role=moderator_role, password='******', confirmed=True, ) db.session.add(moderator) db.session.commit() headers = Headers() headers.add(*HTTP.basic_auth('*****@*****.**', 'test')) response = self.client.post(TelegramUpdates.URL_SET_WEBHOOK, data=json.dumps({}), follow_redirects=True, headers=headers) self.assertEqual(response.status_code, 403, 'Failed to forbid access for a moderator user') with self.assertRaises(AssertionError) as err: mock_requests.assert_called() self.assertIn("Expected 'post' to have been called", str(err.exception))
def test_sethook_administrator_user(self, mock_requests): admin_role = Role.query.filter_by(name='Administrator').first() admin = User( email='*****@*****.**', username='******', role=admin_role, password='******', confirmed=True, ) db.session.add(admin) db.session.commit() # Werkzeug's test client doesn't have embedded # Basic HTTP Authentication out of box like requests have, # so we have to implement it by making up headers. # see also # http://stackoverflow.com/a/30248823/4241180 # http://stackoverflow.com/a/27643297/4241180 # http://blog.bstpierre.org/flask-testing-auth headers = Headers() headers.add(*HTTP.basic_auth('*****@*****.**', 'test')) response = self.client.post(TelegramUpdates.URL_SET_WEBHOOK, data=json.dumps({}), follow_redirects=True, headers=headers) self.assertEqual(response.status_code, 200, 'Failed to allow access for an administrator user') response_json = json.loads(response.data) self.assertTrue(response_json['ok'] is False) self.assertEqual( response_json['error_code'], 400, 'Failed to return error code 400 ' 'when setting non-HTTPS Webhook URL: {}'.format( response_json['description'])) self.assertEqual( response_json['url'], url_for('webhook.handle_webhook', _external=True), 'Failed to return a JSON with the URL of the Webhook handing view ' 'for an authorized user') mock_requests.assert_called() self.assertIn( call(files=None, json={ 'url': TelegramUpdates.URL_HANDLE_WEBHOOK, 'max_connections': current_app.config['SERVER_MAX_CONNECTIONS'], 'allowed_updates': [] }, timeout=current_app.config['TELEGRAM_REQUEST_TIMEOUT_SEC'] * 60, url=current_app.config['TELEGRAM_URL'] + 'setWebhook'), mock_requests.call_args_list)
def test_unsethook_administrator_user(self, mock_requests): admin_role = Role.query.filter_by(name='Administrator').first() admin = User( email='*****@*****.**', username='******', role=admin_role, password='******', confirmed=True, ) db.session.add(admin) db.session.commit() # Werkzeug's test client doesn't have embedded # Basic HTTP Authentication out of box like requests have, # so we have to implement it by making up headers. # see also # http://stackoverflow.com/a/30248823/4241180 # http://stackoverflow.com/a/27643297/4241180 # http://blog.bstpierre.org/flask-testing-auth headers = Headers() headers.add(*HTTP.basic_auth('*****@*****.**', 'test')) response = self.client.post(TelegramUpdates.URL_UNSET_WEBHOOK, data=json.dumps({}), follow_redirects=True, headers=headers) self.assertEqual( response.status_code, 200, 'Failed to return status code 200 ' 'when unsetting Webhook URL by the administrator user') response_json = json.loads(response.data) self.assertEqual( response_json['url'], '', 'Failed to return an empty field for the URL in JSON ' 'when unsetting Webhook URL by the administrator user') mock_requests.assert_called() self.assertIn( call(files=None, json={ 'url': '', 'max_connections': current_app.config['SERVER_MAX_CONNECTIONS'], 'allowed_updates': [] }, timeout=current_app.config['TELEGRAM_REQUEST_TIMEOUT_SEC'] * 60, url=current_app.config['TELEGRAM_URL'] + 'setWebhook'), mock_requests.call_args_list)
def test_setwebhook_with_SSL_certificate(self, mock_requests): # set up SSL certificate tmp_cert_file = os.path.join(tempfile.gettempdir(), "SSL.cert") with open(tmp_cert_file, 'wb') as fp: fp.write(b'SSL Certificate Content') # add administrator admin_role = Role.query.filter_by(name='Administrator').first() admin = User( email='*****@*****.**', username='******', role=admin_role, password='******', confirmed=True, ) db.session.add(admin) db.session.commit() # make a request headers = Headers() headers.add(*HTTP.basic_auth('*****@*****.**', 'test')) new_config = { 'TELEGRAM_URL': current_app.config['TELEGRAM_URL'], 'SERVER_PUBLIC_KEY': tmp_cert_file, 'SERVER_MAX_CONNECTIONS': current_app.config['SERVER_MAX_CONNECTIONS'], 'TELEGRAM_REQUEST_TIMEOUT_SEC': current_app.config['TELEGRAM_REQUEST_TIMEOUT_SEC'] } with patch.dict(current_app.config, new_config): response = self.client.post(TelegramUpdates.URL_SET_WEBHOOK, data=json.dumps({}), follow_redirects=True, headers=headers) self.assertEqual(current_app.config['SERVER_PUBLIC_KEY'], tmp_cert_file) self.assertEqual( response.status_code, 200, 'Failed to return status code 200 ' 'when setting Webhook URL by the administrator user ' 'with SSL certificate specified') mock_requests.assert_called()
def test_bad_request_response(self, mock_requests): admin_role = Role.query.filter_by(name='Administrator').first() admin = User( email='*****@*****.**', username='******', role=admin_role, password='******', confirmed=True, ) db.session.add(admin) db.session.commit() headers = Headers() headers.add(*HTTP.basic_auth('*****@*****.**', 'test')) response = self.client.post(TelegramUpdates.URL_SET_WEBHOOK, data=json.dumps({}), follow_redirects=True, headers=headers) self.assertEqual( response.status_code, 400, 'Failed to return status code 400 ' 'when ValidationError is raised') mock_requests.assert_called()
def test_login_required_incorrect_username(self): admin_role = Role.query.filter_by(name='Administrator').first() admin = User( email='*****@*****.**', username='******', role=admin_role, password='******', confirmed=True, ) db.session.add(admin) db.session.commit() headers = Headers() headers.add(*HTTP.basic_auth('incorrect_username', 'test')) response = self.client.post(TelegramUpdates.URL_UNSET_WEBHOOK, data=json.dumps({}), follow_redirects=True, headers=headers) self.assertEqual( response.status_code, 403, 'Failed to return status code 403 ' 'when unsetting Webhook URL by the ' 'user with incorrect username')