def test_get_session_with_anonymous_user(self):
"""Testing the GET session/ API with anonymous user"""
rsp = self.apiGet(get_session_url(),
expected_mimetype=session_mimetype)
self.assertEqual(rsp['stat'], 'ok')
self.assertTrue('session' in rsp)
self.assertFalse(rsp['session']['authenticated'])
def test_get_with_anonymous_user(self):
"""Testing the GET session/ API with anonymous user"""
self.client.logout()
rsp = self.apiGet(get_session_url(), expected_mimetype=session_mimetype)
self.assertEqual(rsp["stat"], "ok")
self.assertTrue("session" in rsp)
self.assertFalse(rsp["session"]["authenticated"])
def test_get_with_anonymous_user(self):
"""Testing the GET session/ API with anonymous user"""
self.client.logout()
rsp = self.api_get(get_session_url(),
expected_mimetype=session_mimetype)
self.assertEqual(rsp['stat'], 'ok')
self.assertIn('session', rsp)
self.assertFalse(rsp['session']['authenticated'])
def test_get_with_anonymous_user(self):
"""Testing the GET session/ API with anonymous user"""
self.client.logout()
rsp = self.api_get(get_session_url(),
expected_mimetype=session_mimetype)
self.assertEqual(rsp['stat'], 'ok')
self.assertIn('session', rsp)
self.assertFalse(rsp['session']['authenticated'])
def test_get_session_with_site(self):
"""Testing the GET session/ API with a local site"""
self._login_user(local_site=True)
rsp = self.apiGet(get_session_url(self.local_site_name),
expected_mimetype=session_mimetype)
self.assertEqual(rsp['stat'], 'ok')
self.assertTrue('session' in rsp)
self.assertTrue(rsp['session']['authenticated'])
self.assertEqual(rsp['session']['links']['user']['title'], 'doc')
def test_get_session_with_logged_in_user(self):
"""Testing the GET session/ API with logged in user"""
rsp = self.apiGet(get_session_url(),
expected_mimetype=session_mimetype)
self.assertEqual(rsp['stat'], 'ok')
self.assertTrue('session' in rsp)
self.assertTrue(rsp['session']['authenticated'])
self.assertEqual(rsp['session']['links']['user']['title'],
self.user.username)
def test_auth(self):
"""Testing OAuth2 authentication to the Web API with a valid token"""
application = self.create_oauth_application(user=self.owner)
token = self.create_oauth_token(application, self.user, 'session:read')
with override_feature_check(oauth2_service_feature.feature_id, True):
load_site_config()
rsp = self.api_get(get_session_url(),
HTTP_AUTHORIZATION='Bearer %s' % token.token,
expected_mimetype=session_mimetype)
self.assertIn('stat', rsp)
self.assertEqual(rsp['stat'], 'ok')
def test_auth_invalid_scope(self):
"""Testing OAuth2 authentication to the Web API with a token missing
scopes"""
application = self.create_oauth_application(user=self.owner)
token = self.create_oauth_token(application, self.user)
with override_feature_check(oauth2_service_feature.feature_id, True):
load_site_config()
rsp = self.api_get(get_session_url(),
HTTP_AUTHORIZATION='Bearer %s' % token.token,
expected_status=403)
self.assertIn('stat', rsp)
self.assertEqual(rsp['stat'], 'fail')
def test_auth_expired(self):
"""Testing OAuth2 authentication to the Web API with an expired token
"""
application = self.create_oauth_application(user=self.owner)
token = self.create_oauth_token(application, self.user, 'session:read',
expires=timedelta(hours=-1))
with override_feature_check(oauth2_service_feature.feature_id, True):
load_site_config()
rsp = self.api_get(get_session_url(),
HTTP_AUTHORIZATION='Bearer %s' % token.token,
expected_status=401)
self.assertIn('stat', rsp)
self.assertEqual(rsp['stat'], 'fail')
def test_auth_no_local_site(self):
"""Testing OAuth2 authentication to the Web API of a Local Site with an
application not on that Local Site
"""
local_site = LocalSite.objects.get(pk=1)
local_site.users.add(self.user)
application = self.create_oauth_application(user=self.owner)
token = self.create_oauth_token(application, self.user, 'session:read')
with override_feature_check(oauth2_service_feature.feature_id, True):
load_site_config()
rsp = self.api_get(get_session_url(local_site.name),
HTTP_AUTHORIZATION='Bearer %s' % token.token,
expected_status=401)
self.assertIn('stat', rsp)
self.assertEqual(rsp['stat'], 'fail')
def test_auth_local_site_member(self):
"""Testing OAuth2 authentication to the Web API of a Local Site with
with an application on a that Local Site as a member
"""
local_site = LocalSite.objects.get(pk=1)
local_site.users.add(self.user)
local_site.save(update_fields=('public',))
self.assertTrue(local_site.is_accessible_by(self.user))
application = self.create_oauth_application(user=self.owner,
local_site=local_site)
token = self.create_oauth_token(application, self.user, 'session:read')
with override_feature_check(oauth2_service_feature.feature_id, True):
load_site_config()
rsp = self.api_get(get_session_url(local_site.name),
HTTP_AUTHORIZATION='Bearer %s' % token.token,
expected_mimetype=session_mimetype)
self.assertIn('stat', rsp)
self.assertEqual(rsp['stat'], 'ok')
def setup_basic_delete_test(self, user, with_local_site, local_site_name):
return (get_session_url(local_site_name), session_mimetype)
def setup_http_not_allowed_item_test(self, user):
return get_session_url()
def setup_basic_get_test(self, user, with_local_site, local_site_name):
return (get_session_url(local_site_name),
session_mimetype,
user)
def setup_http_not_allowed_item_test(self, user):
return get_session_url()
def test_get_session_with_site_no_access(self):
"""Testing the GET session/ API with a local site and Permission Denied error"""
self.apiGet(get_session_url(self.local_site_name),
expected_status=403)
