def test_bootstrap(self):
expires = datetime.datetime.fromordinal(
adsmutils.get_date().toordinal() + 5)
params = {
'expires': expires.isoformat(),
'ratelimit': 0.001,
'create_new': False
}
r = authenticated_user.get('/accounts/bootstrap', params=params)
a = r.json()
r = anonymous_user.get('/accounts/bootstrap', params=params)
b = r.json()
# currently fails, it returns 'anonymous' for the
# authenticated user if the user in db has empty 'is_active' column
# also, the ratelimits must allow for more clients (i.e. be not fully
# consumed)
assert a['username'] != b['username']
assert a['access_token'] != b['access_token']
assert a['username'] == 'tester@ads'
assert b['username'] == 'anonymous@ads'
# repeating the bootstrap request should give you the
# same access token
for x in range(5):
r = anonymous_user.get(
'/accounts/bootstrap',
params=params,
headers={'Authorization': 'Bearer %s' % b['access_token']})
assert r.json()['access_token'] == b['access_token']
for x in range(5):
r = authenticated_user.get('/accounts/bootstrap', params=params)
assert r.json()['access_token'] == a['access_token']
def test_resources(self):
# /v1/resources doesn't exist (but I think it should exist)
r = anonymous_user.get('/resources')
assert r.status_code == 404
# the response is organized from the perspective of the ADS developer/ API maintainer
# but API users probably expect to see something like:
# {
# '/v1': {
# 'endpoints': [
# '/search/query'
# ...
# ]
# },
# '/v2': {
# 'endpoints': [
# '/search/newquery',
# ...
# ]
# }
# }
#
# If we run two versions of the API alongside, I don't see
# how the current structure can communicate two different
# 'bases'
# hack to get to the resources
url = '/'.join(anonymous_user.get_config('API_URL').split('/')[0:-1])
r = anonymous_user.get(url + '/resources')
resources = r.json()
for k, v in list(api_resources.items()):
self.assertCountEqual(api_resources[k], resources[k])
def test_anonymous_user(self):
# Try to get graphics info for an existing bibcode
r = anonymous_user.get('/graphics/%s'%bibcode)
# We should get a 401 back
self.assertEqual(r.status_code, 401)
# The same for a non-existing bibcode
r = anonymous_user.get('/graphics/foo')
# We should get a 401 back
self.assertEqual(r.status_code, 401)
def test_anonymous_user(self):
for x in ['/vault/configuration',
'/vault/user-data',
'/vault/query/sfsfs-sfsdfsdf-sfsdf-sfsdf']:
r = anonymous_user.get(x)
assert r.status_code == 401
# should be accessible? return 404 when not exists (well, no 404 - because we don't want to give up information)
r = anonymous_user.get('/vault/query2svg/113dc6ef2e612ffe1a0de9a16e7f494e')
assert r.status_code == 401
def check_resolver_gateway(self, user=authenticated_user):
r = anonymous_user.get(
config.API_URL.rsplit('/', 1)[0] +
'/link_gateway/2018EPJWC.18612003D/abstract')
self.assertEqual(r.status_code, 200)
r = anonymous_user.get(
config.API_URL.rsplit('/', 1)[0] +
'/link_gateway/2018EPJWC.18612003D/abstract')
self.assertEqual(r.status_code, 200)
def test_anonymous_user(self):
# Get the author network
r = anonymous_user.get('/vis/author-network', params=params)
# method not allowed
self.assertEqual(r.status_code, 405)
r = anonymous_user.post('/vis/author-network', data=params)
self.assertEqual(r.status_code, 401)
def test_access(self):
for x in [
'/orcid/exchangeOAuthCode',
]:
r = anonymous_user.get(x)
assert r.status_code == 401 # right now it throws 500 (probably error with orcid service)
r = bumblebee_user.get('/orcid/exchangeOAuthCode',
params={'code': 'foo'})
assert r.status_code == 400
assert r.json()['error'] == 'invalid_grant'
r = authenticated_user.get('/orcid/0000-0001-9886-2511/orcid-profile')
assert r.status_code == 500 # TODO: should return a json error (orcid-authorizatin header is missing)
def test_anonymous_user(self):
r = anonymous_user.get('/resolver/2018EPJWC.18612003D')
self.assertEqual(r.status_code, 401)
def test_anonymous_user(self):
r = anonymous_user.get(
config.API_URL.rsplit('/', 1)[0] +
'/link_gateway/2018EPJWC.18612003D/abstract')
self.assertEqual(r.status_code, 200)
def test_anonymous_user(self):
r = anonymous_user.get('harbour/mirrors')
self.assertEqual(r.status_code, 401)