Exemplo n.º 1
0
    def test_post_set_user_as_local_site_admin_with_non_local_site_user(self):
        """Testing the POST <URL> API as a LocalSite admin with user set to a
        non-LocalSite user
        """
        self._login_user(admin=True, local_site=True)

        rsp = self.api_post(
            get_oauth_app_list_url(self.local_site_name),
            {
                'authorization_grant_type':
                    Application.GRANT_CLIENT_CREDENTIALS,
                'client_type': Application.CLIENT_PUBLIC,
                'name': 'test-application',
                'redirect_uris': 'https://example.com/oauth/',
                'user': '******',
            },
            expected_status=400,
        )

        self.assertIn('stat', rsp)
        self.assertEqual(rsp['stat'], 'fail')

        self.assertIn('fields', rsp)
        self.assertIn('user', rsp['fields'])
        self.assertEqual(
            rsp['fields']['user'],
            ['The user "dopey" does not exist.'],
        )
Exemplo n.º 2
0
    def test_post_set_skip_authorization_as_local_site_admin(self):
        """Testing the POST <URL> API as a LocalSite admin with
        skip_authorization set
        """
        self._login_user(admin=True, local_site=True)

        rsp = self.api_post(
            get_oauth_app_list_url(self.local_site_name),
            {
                'authorization_grant_type':
                    Application.GRANT_CLIENT_CREDENTIALS,
                'client_type': Application.CLIENT_PUBLIC,
                'name': 'test-application',
                'redirect_uris': 'https://example.com/oauth/',
                'skip_authorization': '1',
            },
            expected_mimetype=oauth_app_item_mimetype,
        )

        self.assertIn('stat', rsp)
        self.assertEqual(rsp['stat'], 'ok')

        app = Application.objects.get(pk=rsp['oauth_app']['id'])
        self.compare_item(rsp['oauth_app'], app)
        self.assertEqual(app.skip_authorization, True)
Exemplo n.º 3
0
    def test_post_set_user_as_local_site_admin_with_non_local_site_user(self):
        """Testing the POST <URL> API as a LocalSite admin with user set to a
        non-LocalSite user
        """
        self._login_user(admin=True, local_site=True)

        rsp = self.api_post(
            get_oauth_app_list_url(self.local_site_name),
            {
                'authorization_grant_type':
                    Application.GRANT_CLIENT_CREDENTIALS,
                'client_type': Application.CLIENT_PUBLIC,
                'name': 'test-application',
                'redirect_uris': 'https://example.com/oauth/',
                'user': '******',
            },
            expected_status=400,
        )

        self.assertIn('stat', rsp)
        self.assertEqual(rsp['stat'], 'fail')

        self.assertIn('fields', rsp)
        self.assertIn('user', rsp['fields'])
        self.assertEqual(
            rsp['fields']['user'],
            ['The user "dopey" does not exist.'],
        )
Exemplo n.º 4
0
    def test_post_set_skip_authorization_as_local_site_admin(self):
        """Testing the POST <URL> API as a LocalSite admin with
        skip_authorization set
        """
        self._login_user(admin=True, local_site=True)

        rsp = self.api_post(
            get_oauth_app_list_url(self.local_site_name),
            {
                'authorization_grant_type':
                    Application.GRANT_CLIENT_CREDENTIALS,
                'client_type': Application.CLIENT_PUBLIC,
                'name': 'test-application',
                'redirect_uris': 'https://example.com/oauth/',
                'skip_authorization': '1',
            },
            expected_mimetype=oauth_app_item_mimetype,
        )

        self.assertIn('stat', rsp)
        self.assertEqual(rsp['stat'], 'ok')

        app = Application.objects.get(pk=rsp['oauth_app']['id'])
        self.compare_item(rsp['oauth_app'], app)
        self.assertEqual(app.skip_authorization, True)
Exemplo n.º 5
0
    def test_post_set_user_as_superuser_not_exists(self):
        """Testing the POST <URL> API as a superuser with user set as a
        non-existent user
        """
        self._login_user(admin=True)
        rsp = self.api_post(
            get_oauth_app_list_url(),
            {
                'authorization_grant_type':
                    Application.GRANT_CLIENT_CREDENTIALS,
                'client_type': Application.CLIENT_PUBLIC,
                'name': 'test-application',
                'redirect_uris': 'https://example.com/oauth/',
                'user': '******',
            },
            expected_status=400,
        )

        self.assertIn('stat', rsp)
        self.assertEqual(rsp['stat'], 'fail')

        self.assertIn('fields', rsp)
        self.assertIn('user', rsp['fields'])
        self.assertEqual(rsp['fields']['user'],
                         ['The user "foofoo" does not exist.'])
Exemplo n.º 6
0
    def test_post_set_user_as_superuser_not_exists(self):
        """Testing the POST <URL> API as a superuser with user set as a
        non-existent user
        """
        self._login_user(admin=True)
        rsp = self.api_post(
            get_oauth_app_list_url(),
            {
                'authorization_grant_type':
                    Application.GRANT_CLIENT_CREDENTIALS,
                'client_type': Application.CLIENT_PUBLIC,
                'name': 'test-application',
                'redirect_uris': 'https://example.com/oauth/',
                'user': '******',
            },
            expected_status=400,
        )

        self.assertIn('stat', rsp)
        self.assertEqual(rsp['stat'], 'fail')

        self.assertIn('fields', rsp)
        self.assertIn('user', rsp['fields'])
        self.assertEqual(rsp['fields']['user'],
                         ['The user "foofoo" does not exist.'])
Exemplo n.º 7
0
    def _test_post_redirect_uri_grant_combination(self, redirect_uris,
                                                  grant_type, is_valid):
        """Test the redirect_uris and grant type are valid or invalid.

        Args:
            redirect_uris (unicode):
                A space-separated list of redirect URIs.

            grant_type (unicode):
                The grant type.

            is_valid (bool):
                Whether or not the given combination is valid. This determines
                the testing done on the response.
        """
        post_data = {
            'authorization_grant_type': grant_type,
            'client_type': Application.CLIENT_PUBLIC,
            'name': 'test-app',
            'redirect_uris': redirect_uris,
            'skip_authorization': '0',
        }

        if is_valid:
            rsp = self.api_post(get_oauth_app_list_url(),
                                post_data,
                                expected_mimetype=oauth_app_item_mimetype)
            self.assertIn('stat', rsp)
            self.assertEqual(rsp['stat'], 'ok')
            self.compare_item(rsp['oauth_app'],
                              Application.objects.get(name='test-app'))
        else:
            rsp = self.api_post(get_oauth_app_list_url(),
                                post_data,
                                expected_status=400)
            self.assertIn('stat', rsp)
            self.assertEqual(rsp['stat'], 'fail')
            self.assertIn('err', rsp)
            self.assertIn('fields', rsp)
            self.assertIn('redirect_uris', rsp['fields'])
Exemplo n.º 8
0
    def _test_post_redirect_uri_grant_combination(self, redirect_uris,
                                                  grant_type, is_valid):
        """Test the redirect_uris and grant type are valid or invalid.

        Args:
            redirect_uris (unicode):
                A space-separated list of redirect URIs.

            grant_type (unicode):
                The grant type.

            is_valid (bool):
                Whether or not the given combination is valid. This determines
                the testing done on the response.
        """
        post_data = {
            'authorization_grant_type': grant_type,
            'client_type': Application.CLIENT_PUBLIC,
            'name': 'test-app',
            'redirect_uris': redirect_uris,
            'skip_authorization': '0',
        }

        if is_valid:
            rsp = self.api_post(get_oauth_app_list_url(),
                                post_data,
                                expected_mimetype=oauth_app_item_mimetype)
            self.assertIn('stat', rsp)
            self.assertEqual(rsp['stat'], 'ok')
            self.compare_item(rsp['oauth_app'],
                              Application.objects.get(name='test-app'))
        else:
            rsp = self.api_post(get_oauth_app_list_url(),
                                post_data,
                                expected_status=400)
            self.assertIn('stat', rsp)
            self.assertEqual(rsp['stat'], 'fail')
            self.assertIn('err', rsp)
            self.assertIn('fields', rsp)
            self.assertIn('redirect_uris', rsp['fields'])
Exemplo n.º 9
0
    def setup_basic_post_test(self, user, with_local_site, local_site_name,
                              post_valid_data):
        if post_valid_data:
            post_data = {
                'authorization_grant_type':
                Application.GRANT_CLIENT_CREDENTIALS,
                'client_type': Application.CLIENT_PUBLIC,
                'name': 'test-application',
                'redirect_uris': 'https://example.com/oauth/',
            }
        else:
            post_data = {}

        return (get_oauth_app_list_url(local_site_name),
                oauth_app_item_mimetype, post_data, [])
Exemplo n.º 10
0
    def setup_basic_get_test(self, user, with_local_site, local_site_name,
                             populate_items):
        if populate_items:
            if with_local_site:
                local_site = LocalSite.objects.get(name=local_site_name)
            else:
                local_site = None

            items = [
                Application.objects.create(user=user, local_site=local_site),
            ]
        else:
            items = []

        return (get_oauth_app_list_url(local_site_name=local_site_name),
                oauth_app_list_mimetype, items)
Exemplo n.º 11
0
    def setup_basic_get_test(self, user, with_local_site, local_site_name,
                             populate_items):
        if populate_items:
            if with_local_site:
                local_site = LocalSite.objects.get(name=local_site_name)
            else:
                local_site = None

            items = [
                Application.objects.create(user=user, local_site=local_site),
            ]
        else:
            items = []

        return (get_oauth_app_list_url(local_site_name=local_site_name),
                oauth_app_list_mimetype,
                items)
Exemplo n.º 12
0
    def setup_basic_post_test(self, user, with_local_site, local_site_name,
                              post_valid_data):
        if post_valid_data:
            post_data = {
                'authorization_grant_type':
                    Application.GRANT_CLIENT_CREDENTIALS,
                'client_type': Application.CLIENT_PUBLIC,
                'name': 'test-application',
                'redirect_uris': 'https://example.com/oauth/',
            }
        else:
            post_data = {}

        return (get_oauth_app_list_url(local_site_name),
                oauth_app_item_mimetype,
                post_data,
                [])
Exemplo n.º 13
0
    def test_get_filtered(self):
        """Testing the GET <URL> API only returns filtered applications"""
        admin = User.objects.get(username='******')
        local_site = LocalSite.objects.get(pk=1)

        applications = set(filter(
            lambda a: a.local_site is None and a.user == self.user,
            self._make_applications([self.user, admin], local_site),
        ))

        rsp = self.api_get(get_oauth_app_list_url(),
                           {},
                           expected_mimetype=oauth_app_list_mimetype)

        self.assertIn('stat', rsp)
        self.assertEqual(rsp['stat'], 'ok')
        self.assertEqual(applications,
                         self._applications_from_response(rsp['oauth_apps']))
Exemplo n.º 14
0
    def test_get_filtered(self):
        """Testing the GET <URL> API only returns filtered applications"""
        admin = User.objects.get(username='******')
        local_site = LocalSite.objects.get(pk=1)

        applications = set(filter(
            lambda a: a.local_site is None and a.user == self.user,
            self._make_applications([self.user, admin], local_site),
        ))

        rsp = self.api_get(get_oauth_app_list_url(),
                           {},
                           expected_mimetype=oauth_app_list_mimetype)

        self.assertIn('stat', rsp)
        self.assertEqual(rsp['stat'], 'ok')
        self.assertEqual(applications,
                         self._applications_from_response(rsp['oauth_apps']))
Exemplo n.º 15
0
    def test_superuser_get_local_site(self):
        """Testing the GET <URL> API with a LocalSite as a superuser"""
        self.user = self._login_user(local_site=False, admin=True)

        local_site = LocalSite.objects.get(pk=1)
        doc = User.objects.get(username='******')

        applications = self._make_applications(
            users=[self.user, doc],
            local_site=local_site,
            predicate=lambda a: a.local_site == local_site,
        )

        rsp = self.api_get(get_oauth_app_list_url(local_site.name), {},
                           expected_mimetype=oauth_app_list_mimetype)

        self.assertIn('stat', rsp)
        self.assertEqual(rsp['stat'], 'ok')
        self.assertEqual(applications,
                         self._applications_from_response(rsp['oauth_apps']))
Exemplo n.º 16
0
    def test_superuser_get_local_site(self):
        """Testing the GET <URL> API with a LocalSite as a superuser"""
        self.user = self._login_user(local_site=False, admin=True)

        local_site = LocalSite.objects.get(pk=1)
        doc = User.objects.get(username='******')

        applications = self._make_applications(
            users=[self.user, doc],
            local_site=local_site,
            predicate=lambda a: a.local_site == local_site,
        )

        rsp = self.api_get(get_oauth_app_list_url(local_site.name),
                           {},
                           expected_mimetype=oauth_app_list_mimetype)

        self.assertIn('stat', rsp)
        self.assertEqual(rsp['stat'], 'ok')
        self.assertEqual(applications,
                         self._applications_from_response(rsp['oauth_apps']))
Exemplo n.º 17
0
    def test_post_set_user_as_superuser(self):
        """Testing the POST <URL> API as a superuser with user set"""
        self._login_user(admin=True)
        rsp = self.api_post(
            get_oauth_app_list_url(),
            {
                'authorization_grant_type':
                    Application.GRANT_CLIENT_CREDENTIALS,
                'client_type': Application.CLIENT_PUBLIC,
                'name': 'test-application',
                'redirect_uris': 'https://example.com/oauth/',
                'user': '******',
            },
            expected_mimetype=oauth_app_item_mimetype,
        )

        self.assertIn('stat', rsp)
        self.assertEqual(rsp['stat'], 'ok')

        app = Application.objects.get(pk=rsp['oauth_app']['id'])
        self.compare_item(rsp['oauth_app'], app)
        self.assertEqual(app.user.username, 'doc')
Exemplo n.º 18
0
    def test_post_set_skip_authorization(self):
        """Testing the POST <URL> API with skip_authorization set"""
        rsp = self.api_post(
            get_oauth_app_list_url(),
            {
                'authorization_grant_type':
                    Application.GRANT_CLIENT_CREDENTIALS,
                'client_type': Application.CLIENT_PUBLIC,
                'name': 'test-application',
                'redirect_uris': 'https://example.com/oauth/',
                'skip_authorization': '1',
            },
            expected_status=400,
        )

        self.assertIn('stat', rsp)
        self.assertEqual(rsp['stat'], 'fail')

        self.assertIn('fields', rsp)
        self.assertIn('skip_authorization', rsp['fields'])
        self.assertEqual(rsp['fields']['skip_authorization'],
                         ['You do not have permission to set this field.'])
Exemplo n.º 19
0
    def test_post_set_skip_authorization(self):
        """Testing the POST <URL> API with skip_authorization set"""
        rsp = self.api_post(
            get_oauth_app_list_url(),
            {
                'authorization_grant_type':
                    Application.GRANT_CLIENT_CREDENTIALS,
                'client_type': Application.CLIENT_PUBLIC,
                'name': 'test-application',
                'redirect_uris': 'https://example.com/oauth/',
                'skip_authorization': '1',
            },
            expected_status=400,
        )

        self.assertIn('stat', rsp)
        self.assertEqual(rsp['stat'], 'fail')

        self.assertIn('fields', rsp)
        self.assertIn('skip_authorization', rsp['fields'])
        self.assertEqual(rsp['fields']['skip_authorization'],
                         ['You do not have permission to set this field.'])
Exemplo n.º 20
0
    def test_get_filtered_with_localsite(self):
        """Testing the GET <URL> API only returns filtered applications on a
        LocalSite
        """
        admin = User.objects.get(username='******')
        local_site = LocalSite.objects.get(pk=1)
        local_site.users.add(self.user)

        applications = self._make_applications(
            users=[self.user, admin],
            local_site=local_site,
            predicate=lambda a:
            (a.local_site == local_site and a.user == self.user),
        )

        rsp = self.api_get(get_oauth_app_list_url(local_site.name), {},
                           expected_mimetype=oauth_app_list_mimetype)

        self.assertIn('stat', rsp)
        self.assertEqual(rsp['stat'], 'ok')
        self.assertEqual(applications,
                         self._applications_from_response(rsp['oauth_apps']))
Exemplo n.º 21
0
    def test_post_set_user_as_superuser(self):
        """Testing the POST <URL> API as a superuser with user set"""
        self._login_user(admin=True)
        rsp = self.api_post(
            get_oauth_app_list_url(),
            {
                'authorization_grant_type':
                    Application.GRANT_CLIENT_CREDENTIALS,
                'client_type': Application.CLIENT_PUBLIC,
                'name': 'test-application',
                'redirect_uris': 'https://example.com/oauth/',
                'user': '******',
            },
            expected_mimetype=oauth_app_item_mimetype,
        )

        self.assertIn('stat', rsp)
        self.assertEqual(rsp['stat'], 'ok')

        app = Application.objects.get(pk=rsp['oauth_app']['id'])
        self.compare_item(rsp['oauth_app'], app)
        self.assertEqual(app.user.username, 'doc')
Exemplo n.º 22
0
    def test_get_filtered_with_localsite(self):
        """Testing the GET <URL> API only returns filtered applications on a
        LocalSite
        """
        admin = User.objects.get(username='******')
        local_site = LocalSite.objects.get(pk=1)
        local_site.users.add(self.user)

        applications = self._make_applications(
            users=[self.user, admin],
            local_site=local_site,
            predicate=lambda a: (a.local_site == local_site and
                                 a.user == self.user),
        )

        rsp = self.api_get(get_oauth_app_list_url(local_site.name),
                           {},
                           expected_mimetype=oauth_app_list_mimetype)

        self.assertIn('stat', rsp)
        self.assertEqual(rsp['stat'], 'ok')
        self.assertEqual(applications,
                         self._applications_from_response(rsp['oauth_apps']))