def test_resetting_token(app):
form = UserSettingsForm(phab_api_token="", reset_phab_api_token=True)
response = manage_phab_api_token_cookie(form, dict())
assert "phabricator-api-token=;" in response.headers["Set-Cookie"]
assert not response.json["phab_api_token_set"]
form = UserSettingsForm(phab_api_token="token", reset_phab_api_token=True)
response = manage_phab_api_token_cookie(form, dict())
assert "phabricator-api-token=;" in response.headers["Set-Cookie"]
assert not response.json["phab_api_token_set"]
def test_resetting_token(app):
form = UserSettingsForm(phab_api_token='', reset_phab_api_token=True)
response = manage_phab_api_token_cookie(form, dict())
assert 'phabricator-api-token=;' in response.headers['Set-Cookie']
assert not response.json['phab_api_token_set']
form = UserSettingsForm(phab_api_token='token', reset_phab_api_token=True)
response = manage_phab_api_token_cookie(form, dict())
assert 'phabricator-api-token=;' in response.headers['Set-Cookie']
assert not response.json['phab_api_token_set']
def test_setting_token(app):
form = UserSettingsForm(
phab_api_token='phab_token', reset_phab_api_token=False
)
response = manage_phab_api_token_cookie(form, dict())
assert 'phabricator-api-token=phab_token' in response.headers['Set-Cookie']
assert 'HttpOnly' in response.headers['Set-Cookie']
assert response.json['phab_api_token_set']
def settings():
if not is_user_authenticated():
# Accessing it unauthenticated from UI is protected by CSP
return jsonify(
dict(success=False, errors=dict(form_errors=["User is not authenticated"]))
)
form = UserSettingsForm()
if not form.validate_on_submit():
return jsonify(dict(success=False, errors=form.errors))
payload = dict(success=True)
response = manage_phab_api_token_cookie(form, payload)
return response
def test_setting_token(app):
form = UserSettingsForm(phab_api_token="phab_token", reset_phab_api_token=False)
response = manage_phab_api_token_cookie(form, dict())
assert "phabricator-api-token=phab_token" in response.headers["Set-Cookie"]
assert "HttpOnly" in response.headers["Set-Cookie"]
assert response.json["phab_api_token_set"]
def test_phab_api_token_untouched(app):
form = UserSettingsForm(phab_api_token="", reset_phab_api_token=False)
response = manage_phab_api_token_cookie(form, dict())
assert "Set-Cookie" not in response.headers
assert not response.json["phab_api_token_set"]
