self.login(self.real_user, c, csrf) utils.logout_user() self.assertNotIn('oauth_client', session) @mock.patch('adsws.accounts.views.Bootstrap.load_client') def test_when_no_session(self, mocked): """ When there is no OAuth client within the session cookie, we do not need to access the database. Fresh session should have no OAuth client, and so should not call load_client Second bootstrap should have a BB client token, and so should call load_client """ with self.client as c: url = url_for('bootstrap') c.get(url) self.assertFalse(mocked.called) with self.client as c: url = url_for('bootstrap') c.get(url) self.assertTrue(mocked.called) TESTSUITE = make_test_suite(TestAccounts, TestUtils) if __name__ == '__main__': run_test_suite(TESTSUITE)
) def test_protected_view(self): """ Test that the route decorated with empty oauth returns 200 """ r = self.open('GET', url_for('protectedview')) self.assertStatus(r, 200) def test_emailresolver(self): """ Test that the email resolver correctly resolves a user """ # Passing the uid should return the correct email r = self.open('GET', url_for('userresolver', identifier=self.user_id)) self.assertEqual(r.json['email'], self.user_email) # Passing the email should return the correct uid r = self.open('GET', url_for('userresolver', identifier=self.user_email)) self.assertEqual(r.json['id'], self.user_id) TESTSUITE = make_test_suite( ApiTestCase, ) if __name__ == '__main__': run_test_suite(TESTSUITE)
def test_options(self): """ responses to the http OPTIONS method should return info about the server's CORS configuration """ r = self.client.options('/status', headers={ 'Origin': 'http://localhost', 'Access-Control-Request-Method': 'OPTIONS', 'Access-Control-Request-Headers': 'accept, ' 'x-bb-api-client-version, ' 'content-type' }) self.assertIn('Access-Control-Allow-Methods', r.headers) self.assertIn('Access-Control-Allow-Headers', r.headers) self.compare_headers(r.headers['Access-Control-Allow-Methods'], current_app.config['CORS_METHODS']) self.compare_headers(r.headers['Access-Control-Allow-Headers'], current_app.config['CORS_HEADERS']) TESTSUITE = make_test_suite(ApiCORSTestCase) if __name__ == '__main__': run_test_suite(TESTSUITE)
time.sleep(1.1) cleanup_clients(app_override=self.app, timedelta="seconds=0.1", userid=99) self.assertEqual(2, len(db.session.query(OAuthClient).all())) db.session.add(OAuthClient( user_id=99, client_id=gen_salt(20), client_secret=gen_salt(20), is_confidential=False, is_internal=True, _default_scopes="", last_activity=datetime.datetime.now(), ratelimit=0.2 )) db.session.commit() time.sleep(0.5) cleanup_clients(app_override=self.app, timedelta="seconds=0.1", userid=99, ratelimit='0.19') self.assertEqual(3, len(db.session.query(OAuthClient).all())) cleanup_clients(app_override=self.app, timedelta="seconds=0.1", userid=99, ratelimit='0.2') self.assertEqual(2, len(db.session.query(OAuthClient).all())) TEST_SUITE = make_test_suite(TestManage_Accounts, TestManageScopes) if __name__ == "__main__": run_test_suite(TEST_SUITE)
} ), ) def test_update_passwd(self): user = ClassicUser("*****@*****.**", "foo") self.assertTrue(user.is_authenticated()) self.assertTrue(user.is_real_user()) self.assertEqual(352401271, user.get_id()) self.assertEqual(user.passwd_info(), 1) import adsws.modules.classic.user as x r = user.update_passwd("*****@*****.**", "foobar", "foobar2") x.user_query.assert_called_with( { "man_email": "*****@*****.**", "man_cmd": "Update Record", "man_vpasswd": "foobar2", "man_npasswd": "foobar2", "man_passwd": "foobar", }, {"User-Agent": "ADS Script Request Agent"}, "http://foo.bar.org/cgi-bin/maint/manage_account/credentials", ) SUITE = make_test_suite(TestClassicUser) if __name__ == "__main__": run_test_suite(SUITE)
os.path.dirname(inspect.getfile(inspect.currentframe())), '../../adsws')) self.assertEqual(self.app.config.get('BAR'), 'baz') self.assertEqual(self.app.root_path, rootf, "root_path is not correct") self.assertEqual(self.app.instance_path, self.config['instance_path']) class FactoryTestSecretKey(FlaskAppTestCase): @property def config(self): return {'SECRET_KEY': '73696768'} def test_custom_config(self): self.assertEqual(self.app.config.get('SECRET_KEY'), 'sigh') class FactoryTestSecretKeyNonHex(FlaskAppTestCase): @property def config(self): return {'SECRET_KEY': 'X73696768'} def test_custom_config(self): self.assertEqual(self.app.config.get('SECRET_KEY'), 'X73696768') TEST_SUITE = make_test_suite(FactoryTest, FactoryTestCustomInstanceDir, FactoryTestSecretKey, FactoryTestSecretKeyNonHex) if __name__ == "__main__": run_test_suite(TEST_SUITE)
from flask import url_for from adsws.testsuite import make_test_suite, run_test_suite from adsws import frontend class TestFrontend(TestCase): """ Test the root application """ def create_app(self): app = frontend.create_app(resources={'foo': 'bar'}) return app def test_statusView(self): url = url_for('statusview') r = self.client.get(url) self.assertStatus(r, 200) self.assertEqual(r.json['status'], 'online') def test_globalresources(self): url = url_for('globalresourcesview') r = self.client.get(url) self.assertStatus(r, 200) self.assertEqual(r.json['foo'], 'bar') TESTSUITE = make_test_suite(TestFrontend) if __name__ == '__main__': run_test_suite(TESTSUITE)
"man_vpasswd": "*******", "man_name": "", "man_url": "http://adsabs.harvard.edu", "man_cmd": "4" } })) def test_update_passwd(self): user = ClassicUser('*****@*****.**', 'foo') self.assertTrue(user.is_authenticated()) self.assertTrue(user.is_real_user()) self.assertEqual(352401271, user.get_id()) self.assertEqual(user.passwd_info(), 1) import adsws.modules.classic.user as x r = user.update_passwd('*****@*****.**', 'foobar', 'foobar2') x.user_query.assert_called_with( { 'man_email': '*****@*****.**', 'man_cmd': 'Update Record', 'man_vpasswd': 'foobar2', 'man_npasswd': 'foobar2', 'man_passwd': 'foobar' }, {'User-Agent': 'ADS Script Request Agent'}, 'http://foo.bar.org/cgi-bin/maint/manage_account/credentials') SUITE = make_test_suite(TestClassicUser) if __name__ == '__main__': run_test_suite(SUITE)
url_for('oauth2server_settings.client_new'), base_url=self.app.config['SITE_SECURE_URL'], data=dict( name='Test', description='Test description', website='http://invenio-software.org', redirect_uris="http://example.org/oauth/authorized/" ) ) self.assertStatus(res, 200) # Valid res = self.client.post( url_for('oauth2server_settings.client_new'), base_url=self.app.config['SITE_SECURE_URL'], data=dict( name='Test', description='Test description', website='http://invenio-software.org', redirect_uris="https://example.org/oauth/authorized/\n" "http://localhost:4000/oauth/authorized/" ) ) self.assertStatus(res, 302) TEST_SUITE = make_test_suite(OAuth2ProviderTestCase) if __name__ == "__main__": run_test_suite(TEST_SUITE)
headers={"Authorization": "Bearer {0}".format(self.token)}, **kwargs) def test_protected_view(self): """ Test that the route decorated with empty oauth returns 200 """ r = self.open('GET', url_for('protectedview')) self.assertStatus(r, 200) def test_emailresolver(self): """ Test that the email resolver correctly resolves a user """ # Passing the uid should return the correct email r = self.open('GET', url_for('userresolver', identifier=self.user_id)) self.assertEqual(r.json['email'], self.user_email) # Passing the email should return the correct uid r = self.open('GET', url_for('userresolver', identifier=self.user_email)) self.assertEqual(r.json['id'], self.user_id) TESTSUITE = make_test_suite(ApiTestCase, ) if __name__ == '__main__': run_test_suite(TESTSUITE)
class FactoryTestSecretKey(FlaskAppTestCase): @property def config(self): return { 'SECRET_KEY' : '73696768' } def test_custom_config(self): self.assertEqual(self.app.config.get('SECRET_KEY'), 'sigh') class FactoryTestSecretKeyNonHex(FlaskAppTestCase): @property def config(self): return { 'SECRET_KEY' : 'X73696768' } def test_custom_config(self): self.assertEqual(self.app.config.get('SECRET_KEY'), 'X73696768') TEST_SUITE = make_test_suite(FactoryTest, FactoryTestCustomInstanceDir, FactoryTestSecretKey, FactoryTestSecretKeyNonHex) if __name__ == "__main__": run_test_suite(TEST_SUITE)
website='http://invenio-software.org', redirect_uris="http://localhost/oauth/authorized/")) self.assertStatus(res, 302) # Invalid redirect_uri (must be https) res = self.client.post( url_for('oauth2server_settings.client_new'), base_url=self.app.config['SITE_SECURE_URL'], data=dict(name='Test', description='Test description', website='http://invenio-software.org', redirect_uris="http://example.org/oauth/authorized/")) self.assertStatus(res, 200) # Valid res = self.client.post( url_for('oauth2server_settings.client_new'), base_url=self.app.config['SITE_SECURE_URL'], data=dict(name='Test', description='Test description', website='http://invenio-software.org', redirect_uris="https://example.org/oauth/authorized/\n" "http://localhost:4000/oauth/authorized/")) self.assertStatus(res, 302) TEST_SUITE = make_test_suite(OAuth2ProviderTestCase) if __name__ == "__main__": run_test_suite(TEST_SUITE)
self.assertIsNotNone(u) self.assertEqual(u.email, 'joe') # .create() should create immediately elias = user_manipulator.create(email='elias') u = user_manipulator.first(email='elias') self.assertIsNotNone(u) self.assertEqual(elias, u) # .update() should update immediately user_manipulator.update(elias, confirmed_at=datetime(2000, 1, 1)) u = user_manipulator.first(email='elias') self.assertEqual(u.confirmed_at, datetime(2000, 1, 1)) self.assertEqual(elias, u) # .delete() should delete immediately user_manipulator.delete(elias) u = user_manipulator.first(email='elias') self.assertIsNone(u) # even though this object was deleted in the db, we still should # have a reference to the python object self.assertIsNotNone(elias) self.assertEqual(elias.confirmed_at, datetime(2000, 1, 1)) TEST_SUITE = make_test_suite(TestUsersModel) if __name__ == "__main__": run_test_suite(TEST_SUITE)
u = user_manipulator.first(email='joe') self.assertIsNotNone(u) self.assertEqual(u.email, 'joe') # .create() should create immediately elias = user_manipulator.create(email='elias') u = user_manipulator.first(email='elias') self.assertIsNotNone(u) self.assertEqual(elias, u) # .update() should update immediately user_manipulator.update(elias, confirmed_at=datetime(2000, 1, 1)) u = user_manipulator.first(email='elias') self.assertEqual(u.confirmed_at, datetime(2000, 1, 1)) self.assertEqual(elias, u) # .delete() should delete immediately user_manipulator.delete(elias) u = user_manipulator.first(email='elias') self.assertIsNone(u) # even though this object was deleted in the db, we still should # have a reference to the python object self.assertIsNotNone(elias) self.assertEqual(elias.confirmed_at, datetime(2000, 1, 1)) TEST_SUITE = make_test_suite(TestUsersModel) if __name__ == "__main__": run_test_suite(TEST_SUITE)
responses to the http OPTIONS method should return info about the server's CORS configuration """ r = self.client.options( '/status', headers={ 'Origin': 'http://localhost', 'Access-Control-Request-Method': 'OPTIONS', 'Access-Control-Request-Headers': 'accept, ' 'x-bb-api-client-version, ' 'content-type' } ) self.assertIn('Access-Control-Allow-Methods', r.headers) self.assertIn('Access-Control-Allow-Headers', r.headers) self.compare_headers( r.headers['Access-Control-Allow-Methods'], current_app.config['CORS_METHODS'] ) self.compare_headers( r.headers['Access-Control-Allow-Headers'], current_app.config['CORS_HEADERS'] ) TESTSUITE = make_test_suite(ApiCORSTestCase) if __name__ == '__main__': run_test_suite(TESTSUITE)