def test_view_success(self):
"""查看成功
"""
app = App(user=self.current_user,
name="app",
app_secret="secret",
summary="summary",
description="description")
self.db.add(app)
self.db.commit()
resp = self.api_get(f"/app/{app.app_id}")
body = get_body_json(resp)
self.assertEqual(resp.code, 200)
self.validate_default_success(body)
spec = self.rs.get_app_id.op_spec["responses"]["200"]["schema"]
api.validate_object(spec, body)
data = body["data"]
self.assertEqual(data["app_id"], str(app.app_id))
self.assertEqual(data["name"], app.name)
self.assertEqual(data["summary"], app.summary)
self.assertEqual(data["description"], app.description)
self.assertEqual(data["is_active"], app.is_active)
def test_create_full_success(self):
"""使用所有参数创建 App
"""
user_pk_id = self.current_user.id
request_body = {
"name": "fortest",
"app_secret": "secret",
"summary": "my first app",
"description": "nothing to say",
"is_active": False,
}
resp = self.api_post("/app", body=request_body)
body = get_body_json(resp)
self.assertEqual(resp.code, 200)
self.validate_default_success(body)
spec = self.rs.post_app.op_spec["responses"]["200"]["schema"]
api.validate_object(spec, body)
app = self.db.query(App).filter(
and_(
App.user_id == user_pk_id,
App.name == request_body["name"],
)).one()
self.assertEqual(app.validate_secret(request_body["app_secret"]), True)
self.assertEqual(request_body["summary"], app.summary)
self.assertEqual(request_body["description"], app.description)
self.assertEqual(request_body["is_active"], app.is_active)
def test_success(self):
"""返回正确
"""
role_numbers = 10
perm_numbers = 20
role_basename = "myrole"
permission_basename = "myperm"
for i in range(role_numbers):
role = Role(name=role_basename + str(i))
for j in range(perm_numbers):
perm = Permission(name=permission_basename + str(i) + str(j))
self.db.add(perm)
role.permissions.append(perm)
self.db.add(role)
self.current_user.roles.append(role)
self.db.commit()
resp = self.api_get("/my/permission")
body = get_body_json(resp)
self.assertEqual(resp.code, 200)
self.validate_default_success(body)
spec = self.rs.get_my_permission.op_spec["responses"]["200"]["schema"]
api.validate_object(spec, body)
self.assertEqual(len(body["data"]), role_numbers)
for role_data in body["data"]:
self.assertEqual(len(role_data["permissions"]), perm_numbers)
role_names = [role_data["name"] for role_data in body["data"]]
self.assertEqual([role_basename + str(i) for i in range(role_numbers)],
sorted(role_names))
def test_refresh_token_success(self):
"""刷新成功
"""
app_secret = "secret"
app = App(user=self.current_user,
name="fortest", app_secret=app_secret)
self.db.add(app)
self.db.commit()
app_id = str(str(app.app_id))
resp = self.api_post("/app_token", body={
"app_id": app_id,
"app_secret": app_secret,
})
body = get_body_json(resp)
refresh_token = body["data"]["refresh_token"]
resp = self.api_post("/app_token/refresh", body={
"app_id": app_id,
"refresh_token": refresh_token,
})
self.assertEqual(resp.code, 200)
self.validate_default_success(body)
spec = self.rs.post_token_refresh.op_spec["responses"]["200"]["schema"]
api.validate_object(spec, body)
data = body["data"]
payload = decode_token(data["access_token"])
self.assertEqual(payload["uid"], str(self.current_user.uuid))
def test_get_success(self):
"""正确
"""
role_name = "my-role"
role = Role(name=role_name)
self.db.add(role)
permission_total = 12
permission_basename = "my-permission"
for i in range(permission_total):
perm = Permission(name=permission_basename + str(i))
self.db.add(perm)
role.permissions.append(perm)
self.db.commit()
resp = self.api_get(f"/role/{role.uuid}/permission")
body = get_body_json(resp)
self.assertEqual(resp.code, 200)
self.validate_default_success(body)
spec = self.rs.get_role_id_permission.op_spec["responses"]["200"]["schema"]
api.validate_object(spec, body)
self.assertEqual(len(body["data"]), permission_total)
def test_success(self):
"""正确
"""
user = User(uuid=str(uuid.uuid4()))
self.db.add(user)
total = 10
user_role_total = 5
basename = "myrole"
for i in range(total):
role = Role(name=basename + str(i))
self.db.add(role)
if i < user_role_total:
user.roles.append(role)
self.db.commit()
resp = self.api_get(f"/user/{user.uuid}/role")
body = get_body_json(resp)
self.assertEqual(resp.code, 200)
self.validate_default_success(body)
spec = self.rs.get_user_id_role.op_spec["responses"]["200"]["schema"]
api.validate_object(spec, body)
self.assertEqual([basename + str(i) for i in range(user_role_total)],
sorted([role["name"] for role in body["data"]]))
def test_list_success(self):
"""正确
"""
resp = self.api_get("/role")
body = get_body_json(resp)
self.assertEqual(resp.code, 200)
self.validate_default_success(body)
spec = self.rs.get_role.op_spec["responses"]["200"]["schema"]
api.validate_object(spec, body)
self.assertEqual(len(body["data"]), body["filter"]["page_size"])
self.assertEqual(body["filter"]["total"], self.total + 3)
def test_view_success(self):
"""查看成功
"""
resp = self.api_get(f"/user/{self.current_user.uuid}")
body = get_body_json(resp)
self.assertEqual(resp.code, 200)
self.validate_default_success(body)
spec = self.rs.get_user_id.op_spec["responses"]["200"]["schema"]
api.validate_object(spec, body)
data = body["data"]
self.assertEqual(data["username"], self.current_username)
def test_get_token_success(self):
"""获取 token 成功
"""
resp = self.api_post("/token", body={
"username": self.current_username,
"password": self.current_password,
})
body = get_body_json(resp)
self.assertEqual(resp.code, 200)
self.validate_default_success(body)
spec = self.rs.post_token.op_spec["responses"]["200"]["schema"]
api.validate_object(spec, body)
data = body["data"]
payload = decode_token(data["access_token"])
self.assertEqual(payload["uid"], str(self.current_user.uuid))
def test_get_success(self):
"""success
"""
name = "my-permission"
summary = "my summary"
perm = Permission(name=name, summary=summary)
self.db.add(perm)
self.db.commit()
resp = self.api_get(f"/permission/id?name={perm.name}")
body = get_body_json(resp)
self.assertEqual(resp.code, 200)
self.validate_default_success(body)
spec = self.rs.get_permission_id.op_spec["responses"]["200"]["schema"]
api.validate_object(spec, body)
self.assertEqual(body["id"], str(perm.uuid))
def test_create_success(self):
"""创建成功
"""
username = "******"
password = "******"
resp = self.api_post("/user",
body={
"username": username,
"password": password,
})
body = get_body_json(resp)
self.assertEqual(resp.code, 200)
self.validate_default_success(body)
spec = self.rs.post_user.op_spec["responses"]["200"]["schema"]
api.validate_object(spec, body)
user = self.db.query(User).filter_by(username=username).one()
self.assertEqual(user.validate_password(password), True)
def test_notexist_roles(self):
"""使用不存在的角色ID
"""
user_id = str(uuid.uuid4())
notexist_total = 12
resp = self.api_post(
f"/user/{user_id}/role/append",
body={
"roles": [str(uuid.uuid4()) for i in range(notexist_total)],
})
body = get_body_json(resp)
self.assertEqual(resp.code, 400)
spec = self.rs.post_user_id_role_append.op_spec["responses"][
"default"]["schema"]
api.validate_object(spec, body)
self.assertEqual(body["status"], "have-not-exist")
self.assertEqual(len(body["data"]), notexist_total)
def test_get_success(self):
"""获取详情正确
"""
name = "my-permission"
summary = "my summary"
perm = Permission(name=name, summary=summary)
self.db.add(perm)
self.db.commit()
resp = self.api_get(f"/permission/{perm.uuid}")
body = get_body_json(resp)
self.assertEqual(resp.code, 200)
self.validate_default_success(body)
spec = self.rs.get_permission_id.op_spec["responses"]["200"]["schema"]
api.validate_object(spec, body)
data = body["data"]
self.assertEqual(data["summary"], summary)
self.assertEqual(data["created"], utc_rfc3339_string(perm.created))
self.assertEqual(data["updated"], utc_rfc3339_string(perm.updated))
def test_get_success(self):
"""正确
"""
role_name = "my-role"
role_summary = "my summary"
role = Role(name=role_name, summary=role_summary)
self.db.add(role)
self.db.commit()
resp = self.api_get(f"/role/{role.uuid}")
body = get_body_json(resp)
self.assertEqual(resp.code, 200)
self.validate_default_success(body)
spec = self.rs.get_role_id.op_spec["responses"]["200"]["schema"]
api.validate_object(spec, body)
data = body["data"]
self.assertEqual(data["summary"], role_summary)
self.assertEqual(data["created"], utc_rfc3339_string(role.created))
self.assertEqual(data["updated"], utc_rfc3339_string(role.updated))
def test_get_token_success(self):
"""获取 token 成功
"""
username = "******"
resp = self.api_post("/user", body={"username": username})
body = get_body_json(resp)
self.assertEqual(resp.code, 200)
self.validate_default_success(body)
resp = self.api_post("/open_token", body={"username": username})
body = get_body_json(resp)
self.assertEqual(resp.code, 200)
self.validate_default_success(body)
spec = self.rs.post_open_token.op_spec["responses"]["200"]["schema"]
api.validate_object(spec, body)
user = self.db.query(User).filter_by(username=username).first()
data = body["data"]
payload = decode_token(data["access_token"])
self.assertEqual(payload["uid"], str(user.uuid))
def test_notexist_permissions(self):
"""使用不存在的权限名称
"""
role_name = "my-role"
role = Role(name=role_name)
self.db.add(role)
self.db.commit()
notexist_total = 12
resp = self.api_post("/role/permission/remove", body={
"role": role.name,
"permissions": [str(uuid.uuid4()) for i in range(notexist_total)],
})
body = get_body_json(resp)
self.assertEqual(resp.code, 400)
spec = self.rs.post_role_permission_remove.op_spec[
"responses"]["default"]["schema"]
api.validate_object(spec, body)
self.assertEqual(body["status"], "have-not-exist")
self.assertEqual(len(body["data"]), notexist_total)
def test_success(self):
"""正确
"""
numbers = 10
basename = "myrole"
for i in range(numbers):
role = Role(name=basename + str(i))
self.db.add(role)
self.current_user.roles.append(role)
self.db.commit()
resp = self.api_get("/my/role")
body = get_body_json(resp)
self.assertEqual(resp.code, 200)
self.validate_default_success(body)
spec = self.rs.get_my_role.op_spec["responses"]["200"]["schema"]
api.validate_object(spec, body)
names = [role["name"] for role in body["data"]]
self.assertEqual([basename + str(i)
for i in range(numbers)], sorted(names))
def test_create_success(self):
"""创建成功
"""
user_pk_id = self.current_user.id
name = "for-ceate-test"
app_secret = "secret"
resp = self.api_post("/app",
body={
"name": name,
"app_secret": app_secret,
})
body = get_body_json(resp)
self.assertEqual(resp.code, 200)
self.validate_default_success(body)
spec = self.rs.post_app.op_spec["responses"]["200"]["schema"]
api.validate_object(spec, body)
app = self.db.query(App).filter(
and_(
App.user_id == user_pk_id,
App.name == name,
)).one()
self.assertEqual(app.validate_secret(app_secret), True)
def validate_default_error(body):
spec = api.spec_dict["definitions"]["DefaultErrorResponse"]
api.validate_object(spec, body)
