def test__download_file__s3(self, __generate_s3_url):
account = Account()
account.username = "******"
account.endpoint__amazon_s3_enabled = True
new_token = PushToken()
new_token.account = "michael"
new_token.token = "token1"
new_token.admin = True
file1 = File()
file1.filename = "filename1.png"
file1.id = "id1"
file1.storage_engine = "s3"
file1.account = new_token.account
file1.authenticated_user = "******"
file1.time = datetime.datetime.now()
self.persist([account, new_token, file1])
__generate_s3_url.return_value = "http://fakeurl"
rv = self.app.get("/manage/files/id1/download?token=token1")
assert rv.status_code == 200
response = json.loads(rv.data)
assert response["url"] == "http://fakeurl"
def test__list_credentials(self):
# Create a token and Matching User
account = Account()
account.username = "******"
new_token = PushToken()
new_token.account = account.username
new_token.authenticated_user = account.username
new_token.token = "token1"
new_token.admin = True
credentials = TempCredentials()
credentials.account = account.username
credentials.username = "******"
credentials.password = "******"
self.persist([account, new_token, credentials])
rv = self.app.get("/manage/credentials?token=token1", data={})
assert rv.status_code == 200
response = json.loads(rv.data)
assert response["credentials"] == [{
"password": "******",
"username": "******"
}]
def test_manage_account_delete(self):
account = Account()
account.username = "******"
account.endpoint__dropbox_enabled = True
new_token = PushToken()
new_token.account = "michael"
new_token.token = "token1"
new_token.admin = True
storage = Storage()
storage.id = "id1"
storage.account = "michael"
storage.path = "/"
storage.endpoint__amazon_s3_access_key_id = "endpoint__amazon_s3_access_key_id"
storage.endpoint__amazon_s3_access_secret_key = "endpoint__amazon_s3_access_secret_key"
storage.endpoint__dropbox_access_token = "endpoint__dropbox_access_token"
storage.endpoint__dropbox_user_id = "endpoint__dropbox_user_id"
storage.store_type = "dropbox"
self.persist([account, new_token, storage])
self.app.delete(
"/manage/account/storage?token=token1", data=json.dumps({"id": "id1"})
)
rv = self.app.get(
"/manage/account/storage?token=token1",
)
assert len(json.loads(rv.data)["storage"]) == 0
def test__get_files(self):
# Create a token
new_token = PushToken()
new_token.account = "user1"
new_token.token = "token1"
new_token.admin = True
file1 = File()
file1.filename = "filename1.png"
file1.id = "id1"
file1.account = new_token.account
file1.authenticated_user = "******"
file1.time = datetime.datetime.now()
self.persist([new_token, file1])
rv = self.app.get("/manage/files?token=token1", data={})
assert rv.status_code == 200
files = json.loads(rv.data)
assert len(files["files"]) == 1
assert files["files"][0]["uploader"] == "uploader"
assert files["files"][0]["filename"] == "filename1.png"
assert files["files"][0]["id"] == "id1"
def test__download_file__missing(self):
account = Account()
account.username = "******"
account.endpoint__amazon_s3_enabled = True
new_token = PushToken()
new_token.account = "michael"
new_token.token = "token1"
new_token.admin = True
self.persist([account, new_token])
rv = self.app.get("/manage/files/id1/download?token=token1")
assert rv.status_code == 404
def push_authenticate():
username = request.form.get("username")
password = request.form.get("password")
account = flask.g.db_session.query(Account).filter(
Account.username == username).scalar()
if account:
if not __internal_check_password_matches(account, password):
return flask.jsonify(err="Account was invalid"), 403
if not account.email_confirmation_code_accepted:
return flask.jsonify(
err="Account email address has not been registered"), 403
new_token = PushToken()
new_token.account = account.username
new_token.authenticated_user = username
new_token.token = str(uuid.uuid4())
new_token.admin = True
flask.g.db_session.add(new_token)
return flask.jsonify(token=new_token.token)
temp_account = flask.g.db_session.query(TempCredentials).filter(
TempCredentials.username == username).scalar()
if temp_account:
if temp_account.password != password:
return flask.jsonify(err="Account was invalid"), 403
new_token = PushToken()
new_token.account = temp_account.account
new_token.token = str(uuid.uuid4())
new_token.authenticated_user = username
new_token.admin = False
flask.g.db_session.add(new_token)
return flask.jsonify(token=new_token.token)
return flask.jsonify(err="Account was invalid"), 403
def test_manage_account_storage_save(self):
account = Account()
account.username = "******"
account.endpoint__dropbox_enabled = True
new_token = PushToken()
new_token.account = "michael"
new_token.token = "token1"
new_token.admin = True
storage = Storage()
storage.id = "id1"
storage.account = "michael"
storage.path = ""
storage.endpoint__amazon_s3_access_key_id = ""
storage.endpoint__amazon_s3_access_secret_key = ""
storage.endpoint__dropbox_access_token = ""
storage.endpoint__dropbox_user_id = ""
storage.store_type = ""
self.persist([account, new_token, storage])
rv = self.app.post(
"/manage/account/storage?token=token1",
data=json.dumps({
"id": "id1",
"path": "/path",
"store_type": "dropbox"
})
)
rv = self.app.get(
"/manage/account/storage?token=token1",
)
assert json.loads(rv.data) == {
"storage": [
{
"account": "michael",
"endpoint__amazon_s3_access_key_id": "",
"endpoint__amazon_s3_access_secret_key": "",
"endpoint__dropbox_access_token": "",
"endpoint__dropbox_user_id": "",
"id": "id1",
"path": "/path",
"store_type": "dropbox"
}
]
}
def test__upload_file__choose_path(self, __upload_s3, __upload_dropbox):
account = Account()
account.username = "******"
account.endpoint__dropbox_enabled = True
new_token = PushToken()
new_token.account = "michael"
new_token.token = "token1"
new_token.admin = True
storage = Storage()
storage.id = "id1"
storage.account = "michael"
storage.path = "/dropbox/path"
storage.store_type = "dropbox"
storage.permissions = "rw"
storage2 = Storage()
storage2.id = "id2"
storage2.account = "michael"
storage2.path = "/s3/path"
storage2.store_type = "s3"
storage2.permissions = "rw"
storage3 = Storage()
storage3.id = "id3"
storage3.account = "michael"
storage3.path = "/"
storage3.store_type = "dropbox"
storage3.permissions = "rw"
self.persist([account, new_token, storage, storage2, storage3])
resp = self.app.post('/push/upload/token1',
data={
'file': (StringIO('my file contents'),
'hello world.txt'),
'path':
"/s3/path/hello world.txt"
})
assert resp.status_code == 200
assert len(self.session.query(File).all()) == 1
assert __upload_s3.called == 1
__upload_s3.assert_called_with(mock.ANY, mock.ANY, '/hello world.txt')
def test__upload_file__dropbox__temp_user(self, __upload_dropbox):
account = Account()
account.username = "******"
account.endpoint__dropbox_enabled = True
credentials = TempCredentials()
credentials.account = "michael"
credentials.username = "******"
credentials.permissions_mode = "w"
credentials.permissions_path = "/"
new_token = PushToken()
new_token.account = "michael"
new_token.token = "token1"
new_token.admin = False
new_token.authenticated_user = "******"
storage = Storage()
storage.id = "id1"
storage.account = "michael"
storage.path = "/"
storage.endpoint__amazon_s3_access_key_id = ""
storage.endpoint__amazon_s3_access_secret_key = ""
storage.endpoint__dropbox_access_token = ""
storage.endpoint__dropbox_user_id = ""
storage.store_type = "dropbox"
storage.permissions = "rw"
self.persist([account, new_token, storage, credentials])
resp = self.app.post('/push/upload/token1',
data={
'file': (StringIO('my file contents'),
'hello world.txt'),
'path':
"/hello world.txt"
})
assert resp.status_code == 200
assert len(self.session.query(File).all()) == 1
assert __upload_dropbox.called == 1
__upload_dropbox.assert_called_with(mock.ANY, mock.ANY,
'/hello world.txt')
def push_authenticate_get_token():
username = request.form.get("username")
service_token = request.form.get("service_token")
if service_token != config__get("COUCHDROP_SERVICE__SERVICE_TOKEN"):
return flask.jsonify(err="This route requires a service token"), 403
account = flask.g.db_session.query(Account).filter(
Account.username == username).scalar()
if account:
if not account.email_confirmation_code_accepted:
return flask.jsonify(
err="Account email address has not been registered"), 403
new_token = PushToken()
new_token.account = account.username
new_token.authenticated_user = username
new_token.token = str(uuid.uuid4())
new_token.admin = True
flask.g.db_session.add(new_token)
return flask.jsonify(token=new_token.token)
return flask.jsonify(err="Account was invalid"), 403
def test_manage_account_storage_put(self):
account = Account()
account.username = "******"
account.endpoint__dropbox_enabled = True
new_token = PushToken()
new_token.account = "michael"
new_token.token = "token1"
new_token.admin = True
self.persist([account, new_token])
rv = self.app.put(
"/manage/account/storage?token=token1",
)
rv = self.app.get(
"/manage/account/storage?token=token1",
)
elem = json.loads(rv.data)["storage"]
assert elem[0]["account"] == "michael"
def test__download_file__invalid_permissions(self):
account = Account()
account.username = "******"
account.endpoint__amazon_s3_enabled = True
new_token = PushToken()
new_token.account = "michael"
new_token.token = "token1"
new_token.admin = True
file1 = File()
file1.filename = "filename1.png"
file1.id = "id1"
file1.account = "random_account"
file1.authenticated_user = "******"
file1.time = datetime.datetime.now()
self.persist([account, new_token, file1])
rv = self.app.get("/manage/files/id1/download?token=token1")
print rv.data
assert rv.status_code == 404
def test__delete_credentials__invalid_account(self):
# Create a token and Matching User
account = Account()
account.username = "******"
new_token = PushToken()
new_token.account = account.username
new_token.authenticated_user = account.username
new_token.token = "token1"
new_token.admin = True
credentials = TempCredentials()
credentials.account = "someotheruser"
credentials.username = "******"
credentials.password = "******"
self.persist([account, new_token, credentials])
rv = self.app.delete("/manage/credentials/user1/delete?token=token1",
data={})
# No delete operation performed
assert len(self.session.query(TempCredentials).all()) == 1
def test__create_credentials(self):
# Create a token and Matching User
account = Account()
account.username = "******"
new_token = PushToken()
new_token.account = account.username
new_token.authenticated_user = account.username
new_token.token = "token1"
new_token.admin = True
self.persist([account, new_token])
rv = self.app.put("/manage/credentials?token=token1", data={})
assert rv.status_code == 200
assert len(self.session.query(TempCredentials).all()) == 1
created_credentials = self.session.query(TempCredentials).all()[0]
assert created_credentials
assert created_credentials.account == "michael"
assert created_credentials.username
assert created_credentials.password
def test__delete_credentials(self):
# Create a token and Matching User
account = Account()
account.username = "******"
new_token = PushToken()
new_token.account = account.username
new_token.authenticated_user = account.username
new_token.token = "token1"
new_token.admin = True
credentials = TempCredentials()
credentials.account = account.username
credentials.username = "******"
credentials.password = "******"
self.persist([account, new_token, credentials])
rv = self.app.delete("/manage/credentials/user1/delete?token=token1",
data={})
assert rv.status_code == 200
assert len(self.session.query(TempCredentials).all()) == 0
def test__upload_file__s3(self, __upload_s3):
account = Account()
account.username = "******"
account.endpoint__amazon_s3_enabled = True
new_token = PushToken()
new_token.account = "michael"
new_token.token = "token1"
new_token.admin = True
storage = Storage()
storage.id = "id1"
storage.account = "michael"
storage.path = "/"
storage.endpoint__amazon_s3_access_key_id = ""
storage.endpoint__amazon_s3_access_secret_key = ""
storage.endpoint__dropbox_access_token = ""
storage.endpoint__dropbox_user_id = ""
storage.store_type = "s3"
storage.permissions = "rw"
self.persist([account, new_token, storage])
resp = self.app.post('/push/upload/token1',
data={
'file': (StringIO('my file contents'),
'hello world.txt'),
'path':
'/dudes/path/hello world.txt'
})
assert resp.status_code == 200
assert len(self.session.query(File).all()) == 1
assert __upload_s3.called == 1
__upload_s3.assert_called_with(mock.ANY, mock.ANY,
'/dudes/path/hello world.txt')