def test_authorized_access_to_get_token(self):
admin_role = Role.query.filter_by(name='Administrator').first()
admin = User(
email='*****@*****.**',
username='******',
role=admin_role,
password='******',
confirmed=True,
)
db.session.add(admin)
db.session.commit()
headers = Headers()
headers.add(*HTTP.basic_auth('*****@*****.**', 'test'))
response = self.client.get(url_for('webhook.get_token'),
data=json.dumps(TelegramUpdates.EMPTY),
follow_redirects=True,
headers=headers)
self.assertEqual(response.status_code, 200,
'Failed to give access for a valid authorized user')
response_json = json.loads(response.data)
self.assertEqual(response_json['expiration'], 3600)
def test_setting_webhook_with_exception_raised(self, mock_requests):
from requests.exceptions import RequestException
mock_requests.side_effect = RequestException('Boom!')
admin_role = Role.query.filter_by(name='Administrator').first()
admin = User(
email='*****@*****.**',
username='******',
role=admin_role,
password='******',
confirmed=True,
)
db.session.add(admin)
db.session.commit()
headers = Headers()
headers.add(*HTTP.basic_auth('*****@*****.**', 'test'))
response = self.client.post(TelegramUpdates.URL_SET_WEBHOOK,
data=json.dumps({}),
follow_redirects=True,
headers=headers)
response_json = json.loads(response.data)
self.assertEqual(
response_json['error_code'], 599,
'Failed to return error code 599 when RequestException is thrown')
mock_requests.assert_called()
def test_sethook_moderator_user(self, mock_requests):
moderator_role = Role.query.filter_by(name='Moderator').first()
moderator = User(
email='*****@*****.**',
username='******',
role=moderator_role,
password='******',
confirmed=True,
)
db.session.add(moderator)
db.session.commit()
headers = Headers()
headers.add(*HTTP.basic_auth('*****@*****.**', 'test'))
response = self.client.post(TelegramUpdates.URL_SET_WEBHOOK,
data=json.dumps({}),
follow_redirects=True,
headers=headers)
self.assertEqual(response.status_code, 403,
'Failed to forbid access for a moderator user')
with self.assertRaises(AssertionError) as err:
mock_requests.assert_called()
self.assertIn("Expected 'post' to have been called",
str(err.exception))
def test_sethook_administrator_user(self, mock_requests):
admin_role = Role.query.filter_by(name='Administrator').first()
admin = User(
email='*****@*****.**',
username='******',
role=admin_role,
password='******',
confirmed=True,
)
db.session.add(admin)
db.session.commit()
# Werkzeug's test client doesn't have embedded
# Basic HTTP Authentication out of box like requests have,
# so we have to implement it by making up headers.
# see also
# http://stackoverflow.com/a/30248823/4241180
# http://stackoverflow.com/a/27643297/4241180
# http://blog.bstpierre.org/flask-testing-auth
headers = Headers()
headers.add(*HTTP.basic_auth('*****@*****.**', 'test'))
response = self.client.post(TelegramUpdates.URL_SET_WEBHOOK,
data=json.dumps({}),
follow_redirects=True,
headers=headers)
self.assertEqual(response.status_code, 200,
'Failed to allow access for an administrator user')
response_json = json.loads(response.data)
self.assertTrue(response_json['ok'] is False)
self.assertEqual(
response_json['error_code'], 400,
'Failed to return error code 400 '
'when setting non-HTTPS Webhook URL: {}'.format(
response_json['description']))
self.assertEqual(
response_json['url'],
url_for('webhook.handle_webhook', _external=True),
'Failed to return a JSON with the URL of the Webhook handing view '
'for an authorized user')
mock_requests.assert_called()
self.assertIn(
call(files=None,
json={
'url':
TelegramUpdates.URL_HANDLE_WEBHOOK,
'max_connections':
current_app.config['SERVER_MAX_CONNECTIONS'],
'allowed_updates': []
},
timeout=current_app.config['TELEGRAM_REQUEST_TIMEOUT_SEC'] *
60,
url=current_app.config['TELEGRAM_URL'] + 'setWebhook'),
mock_requests.call_args_list)
def test_unsethook_administrator_user(self, mock_requests):
admin_role = Role.query.filter_by(name='Administrator').first()
admin = User(
email='*****@*****.**',
username='******',
role=admin_role,
password='******',
confirmed=True,
)
db.session.add(admin)
db.session.commit()
# Werkzeug's test client doesn't have embedded
# Basic HTTP Authentication out of box like requests have,
# so we have to implement it by making up headers.
# see also
# http://stackoverflow.com/a/30248823/4241180
# http://stackoverflow.com/a/27643297/4241180
# http://blog.bstpierre.org/flask-testing-auth
headers = Headers()
headers.add(*HTTP.basic_auth('*****@*****.**', 'test'))
response = self.client.post(TelegramUpdates.URL_UNSET_WEBHOOK,
data=json.dumps({}),
follow_redirects=True,
headers=headers)
self.assertEqual(
response.status_code, 200, 'Failed to return status code 200 '
'when unsetting Webhook URL by the administrator user')
response_json = json.loads(response.data)
self.assertEqual(
response_json['url'], '',
'Failed to return an empty field for the URL in JSON '
'when unsetting Webhook URL by the administrator user')
mock_requests.assert_called()
self.assertIn(
call(files=None,
json={
'url':
'',
'max_connections':
current_app.config['SERVER_MAX_CONNECTIONS'],
'allowed_updates': []
},
timeout=current_app.config['TELEGRAM_REQUEST_TIMEOUT_SEC'] *
60,
url=current_app.config['TELEGRAM_URL'] + 'setWebhook'),
mock_requests.call_args_list)
def test_setwebhook_with_SSL_certificate(self, mock_requests):
# set up SSL certificate
tmp_cert_file = os.path.join(tempfile.gettempdir(), "SSL.cert")
with open(tmp_cert_file, 'wb') as fp:
fp.write(b'SSL Certificate Content')
# add administrator
admin_role = Role.query.filter_by(name='Administrator').first()
admin = User(
email='*****@*****.**',
username='******',
role=admin_role,
password='******',
confirmed=True,
)
db.session.add(admin)
db.session.commit()
# make a request
headers = Headers()
headers.add(*HTTP.basic_auth('*****@*****.**', 'test'))
new_config = {
'TELEGRAM_URL':
current_app.config['TELEGRAM_URL'],
'SERVER_PUBLIC_KEY':
tmp_cert_file,
'SERVER_MAX_CONNECTIONS':
current_app.config['SERVER_MAX_CONNECTIONS'],
'TELEGRAM_REQUEST_TIMEOUT_SEC':
current_app.config['TELEGRAM_REQUEST_TIMEOUT_SEC']
}
with patch.dict(current_app.config, new_config):
response = self.client.post(TelegramUpdates.URL_SET_WEBHOOK,
data=json.dumps({}),
follow_redirects=True,
headers=headers)
self.assertEqual(current_app.config['SERVER_PUBLIC_KEY'],
tmp_cert_file)
self.assertEqual(
response.status_code, 200, 'Failed to return status code 200 '
'when setting Webhook URL by the administrator user '
'with SSL certificate specified')
mock_requests.assert_called()
def test_bad_request_response(self, mock_requests):
admin_role = Role.query.filter_by(name='Administrator').first()
admin = User(
email='*****@*****.**',
username='******',
role=admin_role,
password='******',
confirmed=True,
)
db.session.add(admin)
db.session.commit()
headers = Headers()
headers.add(*HTTP.basic_auth('*****@*****.**', 'test'))
response = self.client.post(TelegramUpdates.URL_SET_WEBHOOK,
data=json.dumps({}),
follow_redirects=True,
headers=headers)
self.assertEqual(
response.status_code, 400, 'Failed to return status code 400 '
'when ValidationError is raised')
mock_requests.assert_called()
def test_login_required_incorrect_username(self):
admin_role = Role.query.filter_by(name='Administrator').first()
admin = User(
email='*****@*****.**',
username='******',
role=admin_role,
password='******',
confirmed=True,
)
db.session.add(admin)
db.session.commit()
headers = Headers()
headers.add(*HTTP.basic_auth('incorrect_username', 'test'))
response = self.client.post(TelegramUpdates.URL_UNSET_WEBHOOK,
data=json.dumps({}),
follow_redirects=True,
headers=headers)
self.assertEqual(
response.status_code, 403, 'Failed to return status code 403 '
'when unsetting Webhook URL by the '
'user with incorrect username')