self.login(self.real_user, c, csrf)
utils.logout_user()
self.assertNotIn('oauth_client', session)
@mock.patch('adsws.accounts.views.Bootstrap.load_client')
def test_when_no_session(self, mocked):
"""
When there is no OAuth client within the session cookie, we do not need to access the database.
Fresh session should have no OAuth client, and so should not call load_client
Second bootstrap should have a BB client token, and so should call load_client
"""
with self.client as c:
url = url_for('bootstrap')
c.get(url)
self.assertFalse(mocked.called)
with self.client as c:
url = url_for('bootstrap')
c.get(url)
self.assertTrue(mocked.called)
TESTSUITE = make_test_suite(TestAccounts, TestUtils)
if __name__ == '__main__':
run_test_suite(TESTSUITE)
self.login(self.real_user, c, csrf)
utils.logout_user()
self.assertNotIn('oauth_client', session)
@mock.patch('adsws.accounts.views.Bootstrap.load_client')
def test_when_no_session(self, mocked):
"""
When there is no OAuth client within the session cookie, we do not need to access the database.
Fresh session should have no OAuth client, and so should not call load_client
Second bootstrap should have a BB client token, and so should call load_client
"""
with self.client as c:
url = url_for('bootstrap')
c.get(url)
self.assertFalse(mocked.called)
with self.client as c:
url = url_for('bootstrap')
c.get(url)
self.assertTrue(mocked.called)
TESTSUITE = make_test_suite(TestAccounts, TestUtils)
if __name__ == '__main__':
run_test_suite(TESTSUITE)
)
def test_protected_view(self):
"""
Test that the route decorated with empty oauth returns 200
"""
r = self.open('GET', url_for('protectedview'))
self.assertStatus(r, 200)
def test_emailresolver(self):
"""
Test that the email resolver correctly resolves a user
"""
# Passing the uid should return the correct email
r = self.open('GET', url_for('userresolver', identifier=self.user_id))
self.assertEqual(r.json['email'], self.user_email)
# Passing the email should return the correct uid
r = self.open('GET', url_for('userresolver', identifier=self.user_email))
self.assertEqual(r.json['id'], self.user_id)
TESTSUITE = make_test_suite(
ApiTestCase,
)
if __name__ == '__main__':
run_test_suite(TESTSUITE)
def test_options(self):
"""
responses to the http OPTIONS method should return info about the
server's CORS configuration
"""
r = self.client.options('/status',
headers={
'Origin':
'http://localhost',
'Access-Control-Request-Method':
'OPTIONS',
'Access-Control-Request-Headers':
'accept, '
'x-bb-api-client-version, '
'content-type'
})
self.assertIn('Access-Control-Allow-Methods', r.headers)
self.assertIn('Access-Control-Allow-Headers', r.headers)
self.compare_headers(r.headers['Access-Control-Allow-Methods'],
current_app.config['CORS_METHODS'])
self.compare_headers(r.headers['Access-Control-Allow-Headers'],
current_app.config['CORS_HEADERS'])
TESTSUITE = make_test_suite(ApiCORSTestCase)
if __name__ == '__main__':
run_test_suite(TESTSUITE)
time.sleep(1.1)
cleanup_clients(app_override=self.app, timedelta="seconds=0.1", userid=99)
self.assertEqual(2, len(db.session.query(OAuthClient).all()))
db.session.add(OAuthClient(
user_id=99,
client_id=gen_salt(20),
client_secret=gen_salt(20),
is_confidential=False,
is_internal=True,
_default_scopes="",
last_activity=datetime.datetime.now(),
ratelimit=0.2
))
db.session.commit()
time.sleep(0.5)
cleanup_clients(app_override=self.app, timedelta="seconds=0.1", userid=99, ratelimit='0.19')
self.assertEqual(3, len(db.session.query(OAuthClient).all()))
cleanup_clients(app_override=self.app, timedelta="seconds=0.1", userid=99, ratelimit='0.2')
self.assertEqual(2, len(db.session.query(OAuthClient).all()))
TEST_SUITE = make_test_suite(TestManage_Accounts, TestManageScopes)
if __name__ == "__main__":
run_test_suite(TEST_SUITE)
}
),
)
def test_update_passwd(self):
user = ClassicUser("*****@*****.**", "foo")
self.assertTrue(user.is_authenticated())
self.assertTrue(user.is_real_user())
self.assertEqual(352401271, user.get_id())
self.assertEqual(user.passwd_info(), 1)
import adsws.modules.classic.user as x
r = user.update_passwd("*****@*****.**", "foobar", "foobar2")
x.user_query.assert_called_with(
{
"man_email": "*****@*****.**",
"man_cmd": "Update Record",
"man_vpasswd": "foobar2",
"man_npasswd": "foobar2",
"man_passwd": "foobar",
},
{"User-Agent": "ADS Script Request Agent"},
"http://foo.bar.org/cgi-bin/maint/manage_account/credentials",
)
SUITE = make_test_suite(TestClassicUser)
if __name__ == "__main__":
run_test_suite(SUITE)
os.path.dirname(inspect.getfile(inspect.currentframe())),
'../../adsws'))
self.assertEqual(self.app.config.get('BAR'), 'baz')
self.assertEqual(self.app.root_path, rootf, "root_path is not correct")
self.assertEqual(self.app.instance_path, self.config['instance_path'])
class FactoryTestSecretKey(FlaskAppTestCase):
@property
def config(self):
return {'SECRET_KEY': '73696768'}
def test_custom_config(self):
self.assertEqual(self.app.config.get('SECRET_KEY'), 'sigh')
class FactoryTestSecretKeyNonHex(FlaskAppTestCase):
@property
def config(self):
return {'SECRET_KEY': 'X73696768'}
def test_custom_config(self):
self.assertEqual(self.app.config.get('SECRET_KEY'), 'X73696768')
TEST_SUITE = make_test_suite(FactoryTest, FactoryTestCustomInstanceDir,
FactoryTestSecretKey, FactoryTestSecretKeyNonHex)
if __name__ == "__main__":
run_test_suite(TEST_SUITE)
from flask import url_for
from adsws.testsuite import make_test_suite, run_test_suite
from adsws import frontend
class TestFrontend(TestCase):
"""
Test the root application
"""
def create_app(self):
app = frontend.create_app(resources={'foo': 'bar'})
return app
def test_statusView(self):
url = url_for('statusview')
r = self.client.get(url)
self.assertStatus(r, 200)
self.assertEqual(r.json['status'], 'online')
def test_globalresources(self):
url = url_for('globalresourcesview')
r = self.client.get(url)
self.assertStatus(r, 200)
self.assertEqual(r.json['foo'], 'bar')
TESTSUITE = make_test_suite(TestFrontend)
if __name__ == '__main__':
run_test_suite(TESTSUITE)
"man_vpasswd": "*******",
"man_name": "",
"man_url": "http://adsabs.harvard.edu",
"man_cmd": "4"
}
}))
def test_update_passwd(self):
user = ClassicUser('*****@*****.**', 'foo')
self.assertTrue(user.is_authenticated())
self.assertTrue(user.is_real_user())
self.assertEqual(352401271, user.get_id())
self.assertEqual(user.passwd_info(), 1)
import adsws.modules.classic.user as x
r = user.update_passwd('*****@*****.**', 'foobar', 'foobar2')
x.user_query.assert_called_with(
{
'man_email': '*****@*****.**',
'man_cmd': 'Update Record',
'man_vpasswd': 'foobar2',
'man_npasswd': 'foobar2',
'man_passwd': 'foobar'
}, {'User-Agent': 'ADS Script Request Agent'},
'http://foo.bar.org/cgi-bin/maint/manage_account/credentials')
SUITE = make_test_suite(TestClassicUser)
if __name__ == '__main__':
run_test_suite(SUITE)
url_for('oauth2server_settings.client_new'),
base_url=self.app.config['SITE_SECURE_URL'],
data=dict(
name='Test',
description='Test description',
website='http://invenio-software.org',
redirect_uris="http://example.org/oauth/authorized/"
)
)
self.assertStatus(res, 200)
# Valid
res = self.client.post(
url_for('oauth2server_settings.client_new'),
base_url=self.app.config['SITE_SECURE_URL'],
data=dict(
name='Test',
description='Test description',
website='http://invenio-software.org',
redirect_uris="https://example.org/oauth/authorized/\n"
"http://localhost:4000/oauth/authorized/"
)
)
self.assertStatus(res, 302)
TEST_SUITE = make_test_suite(OAuth2ProviderTestCase)
if __name__ == "__main__":
run_test_suite(TEST_SUITE)
headers={"Authorization": "Bearer {0}".format(self.token)},
**kwargs)
def test_protected_view(self):
"""
Test that the route decorated with empty oauth returns 200
"""
r = self.open('GET', url_for('protectedview'))
self.assertStatus(r, 200)
def test_emailresolver(self):
"""
Test that the email resolver correctly resolves a user
"""
# Passing the uid should return the correct email
r = self.open('GET', url_for('userresolver', identifier=self.user_id))
self.assertEqual(r.json['email'], self.user_email)
# Passing the email should return the correct uid
r = self.open('GET', url_for('userresolver',
identifier=self.user_email))
self.assertEqual(r.json['id'], self.user_id)
TESTSUITE = make_test_suite(ApiTestCase, )
if __name__ == '__main__':
run_test_suite(TESTSUITE)
class FactoryTestSecretKey(FlaskAppTestCase):
@property
def config(self):
return {
'SECRET_KEY' : '73696768'
}
def test_custom_config(self):
self.assertEqual(self.app.config.get('SECRET_KEY'), 'sigh')
class FactoryTestSecretKeyNonHex(FlaskAppTestCase):
@property
def config(self):
return {
'SECRET_KEY' : 'X73696768'
}
def test_custom_config(self):
self.assertEqual(self.app.config.get('SECRET_KEY'), 'X73696768')
TEST_SUITE = make_test_suite(FactoryTest, FactoryTestCustomInstanceDir, FactoryTestSecretKey,
FactoryTestSecretKeyNonHex)
if __name__ == "__main__":
run_test_suite(TEST_SUITE)
website='http://invenio-software.org',
redirect_uris="http://localhost/oauth/authorized/"))
self.assertStatus(res, 302)
# Invalid redirect_uri (must be https)
res = self.client.post(
url_for('oauth2server_settings.client_new'),
base_url=self.app.config['SITE_SECURE_URL'],
data=dict(name='Test',
description='Test description',
website='http://invenio-software.org',
redirect_uris="http://example.org/oauth/authorized/"))
self.assertStatus(res, 200)
# Valid
res = self.client.post(
url_for('oauth2server_settings.client_new'),
base_url=self.app.config['SITE_SECURE_URL'],
data=dict(name='Test',
description='Test description',
website='http://invenio-software.org',
redirect_uris="https://example.org/oauth/authorized/\n"
"http://localhost:4000/oauth/authorized/"))
self.assertStatus(res, 302)
TEST_SUITE = make_test_suite(OAuth2ProviderTestCase)
if __name__ == "__main__":
run_test_suite(TEST_SUITE)
self.assertIsNotNone(u)
self.assertEqual(u.email, 'joe')
# .create() should create immediately
elias = user_manipulator.create(email='elias')
u = user_manipulator.first(email='elias')
self.assertIsNotNone(u)
self.assertEqual(elias, u)
# .update() should update immediately
user_manipulator.update(elias, confirmed_at=datetime(2000, 1, 1))
u = user_manipulator.first(email='elias')
self.assertEqual(u.confirmed_at, datetime(2000, 1, 1))
self.assertEqual(elias, u)
# .delete() should delete immediately
user_manipulator.delete(elias)
u = user_manipulator.first(email='elias')
self.assertIsNone(u)
# even though this object was deleted in the db, we still should
# have a reference to the python object
self.assertIsNotNone(elias)
self.assertEqual(elias.confirmed_at, datetime(2000, 1, 1))
TEST_SUITE = make_test_suite(TestUsersModel)
if __name__ == "__main__":
run_test_suite(TEST_SUITE)
u = user_manipulator.first(email='joe')
self.assertIsNotNone(u)
self.assertEqual(u.email, 'joe')
# .create() should create immediately
elias = user_manipulator.create(email='elias')
u = user_manipulator.first(email='elias')
self.assertIsNotNone(u)
self.assertEqual(elias, u)
# .update() should update immediately
user_manipulator.update(elias, confirmed_at=datetime(2000, 1, 1))
u = user_manipulator.first(email='elias')
self.assertEqual(u.confirmed_at, datetime(2000, 1, 1))
self.assertEqual(elias, u)
# .delete() should delete immediately
user_manipulator.delete(elias)
u = user_manipulator.first(email='elias')
self.assertIsNone(u)
# even though this object was deleted in the db, we still should
# have a reference to the python object
self.assertIsNotNone(elias)
self.assertEqual(elias.confirmed_at, datetime(2000, 1, 1))
TEST_SUITE = make_test_suite(TestUsersModel)
if __name__ == "__main__":
run_test_suite(TEST_SUITE)
responses to the http OPTIONS method should return info about the
server's CORS configuration
"""
r = self.client.options(
'/status',
headers={
'Origin': 'http://localhost',
'Access-Control-Request-Method': 'OPTIONS',
'Access-Control-Request-Headers': 'accept, '
'x-bb-api-client-version, '
'content-type'
}
)
self.assertIn('Access-Control-Allow-Methods', r.headers)
self.assertIn('Access-Control-Allow-Headers', r.headers)
self.compare_headers(
r.headers['Access-Control-Allow-Methods'],
current_app.config['CORS_METHODS']
)
self.compare_headers(
r.headers['Access-Control-Allow-Headers'],
current_app.config['CORS_HEADERS']
)
TESTSUITE = make_test_suite(ApiCORSTestCase)
if __name__ == '__main__':
run_test_suite(TESTSUITE)
