def get_app(debug):
app = WerkzeugServer(root_path='/api/v1/',
root_version='0.9',
debug=debug,
get_user=getUser,
cors_allow_list=['*'])
config = Model(name='config',
field_list=[],
transaction_class=BlankTransaction)
config.checkAuth = lambda user, verb, id_list: True
app.root_namespace.addElement(config)
info = Action(name='getContractorInfo',
return_paramater=Paramater(type='Map'),
func=contractorInfo)
info.checkAuth = lambda user, verb, id_list: True
config.addAction(info)
app.registerNamespace('/', 'mcp.User')
app.registerNamespace('/', 'mcp.Resource')
app.registerNamespace('/', 'mcp.Project')
app.registerNamespace('/', 'mcp.Processor')
app.validate()
return app
def test_call():
converter = Converter( None )
field_list = []
field_list.append( Field( name='field1', type='String', length=50 ) )
field_list.append( Field( name='field2', type='Integer' ) )
model = Model( name='model1', transaction_class=TestTransaction, field_list=field_list )
transaction = model.transaction_class()
action1 = Action( name='act1', return_paramater=Paramater( type='String' ), func=lambda: 'hello' )
resp = action1.call( converter, transaction, None, {}, None, False )
assert resp.http_code == 200
assert resp.header_map == { 'Cache-Control': 'no-cache', 'Verb': 'CALL', 'Multi-Object': 'False' }
assert resp.data == 'hello'
action2 = Action( name='act2', return_paramater=Paramater( type='String' ), paramater_list=[ Paramater( name='p1', type='String', default='alice' ) ], func=lambda p1: 'hello "{0}"'.format( p1 ) )
# with pytest.raises( InvalidRequest ): # should we be ignorning data?
# resp = action2.call( converter, transaction, None, { 'p1': 'bob', 'nope': 'sue' }, None, False )
resp = action2.call( converter, transaction, None, {}, None, False )
assert resp.http_code == 200
assert resp.header_map == { 'Cache-Control': 'no-cache', 'Verb': 'CALL', 'Multi-Object': 'False' }
assert resp.data == 'hello "alice"'
resp = action2.call( converter, transaction, None, { 'p1': 'bob' }, None, False )
assert resp.http_code == 200
assert resp.header_map == { 'Cache-Control': 'no-cache', 'Verb': 'CALL', 'Multi-Object': 'False' }
assert resp.data == 'hello "bob"'
action3 = Action( name='act3', return_paramater=Paramater( type='String' ), func=lambda a: 'hello "{0}"'.format( a ), static=False )
model.addAction( action3 )
with pytest.raises( InvalidRequest ):
action3.call( converter, transaction, None, { 'a': 'bob' }, None, False )
resp = action3.call( converter, transaction, [ 'sue' ], {}, None, False )
assert resp.http_code == 200
assert resp.header_map == { 'Cache-Control': 'no-cache', 'Verb': 'CALL', 'Multi-Object': 'False' }
assert resp.data == 'hello "{\'_extra_\': \'get "sue"\'}"'
with pytest.raises( ObjectNotFound ):
action3.call( converter, transaction, [ 'NOT FOUND' ], {}, None, False )
action4 = Action( name='act4', func=lambda: 'hello' )
resp = action4.call( converter, transaction, [], {}, None, False )
assert resp.http_code == 200
assert resp.header_map == { 'Cache-Control': 'no-cache', 'Verb': 'CALL', 'Multi-Object': 'False' }
assert resp.data is None
action9 = Action( name='act9', return_paramater=Paramater( type='String' ), paramater_list=[ Paramater( name='p1', type='String' ), Paramater( name='p2', type='_USER_' ) ], func=lambda p1, p2: '{0}: {1}'.format( p1, p2 ) )
resp = action9.call( converter, transaction, None, { 'p1': 'stuff' }, 'Me The User', False )
assert resp.http_code == 200
assert resp.header_map == { 'Cache-Control': 'no-cache', 'Verb': 'CALL', 'Multi-Object': 'False' }
assert resp.data == 'stuff: Me The User'
def test_user():
server = Server( root_path='/api/', root_version='0.0', debug=True )
server.getUser = getUser
ns1 = Namespace( name='ns1', version='0.1', converter=None )
ns1.checkAuth = checkAuth
field_list = []
model1 = Model( name='model1', field_list=field_list, transaction_class=TestTransaction )
model1.checkAuth = checkAuth
action1 = Action( name='act', return_paramater=Paramater( type='String' ), func=fake_func )
action1.checkAuth = checkAuth
model1.addAction( action1 )
ns1.addElement( model1 )
server.registerNamespace( '/', ns1 )
req = Request( 'GET', '/api/ns1/model1:sdf:', { 'CINP-VERSION': __CINP_VERSION__ } )
res = server.handle( req )
assert res.http_code == 403
req = Request( 'GET', '/api/ns1/model1:sdf:', { 'CINP-VERSION': __CINP_VERSION__, 'AUTH-ID': 'nope', 'AUTH-TOKEN': 'nope' } )
res = server.handle( req )
assert res.http_code == 401
req = Request( 'GET', '/api/ns1/model1:sdf:', { 'CINP-VERSION': __CINP_VERSION__, 'AUTH-ID': 'good', 'AUTH-TOKEN': 'nope' } )
res = server.handle( req )
assert res.http_code == 200
req = Request( 'GET', '/api/ns1/model1:sdf:', { 'CINP-VERSION': __CINP_VERSION__, 'AUTH-ID': 'nope', 'AUTH-TOKEN': 'bad' } )
res = server.handle( req )
assert res.http_code == 403
req = Request( 'GET', '/api/ns1/model1:sdf:', { 'CINP-VERSION': __CINP_VERSION__, 'AUTH-ID': 'super', 'AUTH-TOKEN': 'super' } )
res = server.handle( req )
assert res.http_code == 200
req = Request( 'GET', '/api/ns1/model1:sdf:', { 'CINP-VERSION': __CINP_VERSION__, 'AUTH-ID': 'me', 'AUTH-TOKEN': 'me' } )
res = server.handle( req )
assert res.http_code == 403
req = Request( 'GET', '/api/ns1/model1:me:', { 'CINP-VERSION': __CINP_VERSION__, 'AUTH-ID': 'me', 'AUTH-TOKEN': 'me' } )
res = server.handle( req )
assert res.http_code == 200
def test_getElement():
uri = URI( root_path='/api/' )
root_ns = Namespace( name=None, version='0.0', root_path='/api/', converter=None )
ns2 = Namespace( name='ns2', version='0.1', converter=None )
ns3 = Namespace( name='ns3', version='0.2', converter=None )
ns2_2 = Namespace( name='ns2_2', version='0.1', converter=None )
root_ns.addElement( ns2 )
root_ns.addElement( ns3 )
ns2.addElement( ns2_2 )
mdl1 = Model( name='mdl1', field_list={}, transaction_class=TestTransaction )
mdl2 = Model( name='mdl2', field_list={}, transaction_class=TestTransaction )
root_ns.addElement( mdl1 )
ns2_2.addElement( mdl2 )
act1 = Action( name='act1', return_paramater=Paramater( type='String' ), paramater_list=[ Paramater( name='bob', type='Float' ) ], static=False, func=fake_func )
act2 = Action( name='act2', return_paramater=Paramater( type='String' ), paramater_list=[ Paramater( name='stuff', type='Boolean' ) ], func=fake_func )
mdl1.addAction( act1 )
mdl2.addAction( act2 )
assert root_ns.getElement( uri.split( '/api/', root_optional=True ) ) == root_ns
assert root_ns.getElement( uri.split( '/api/ns2/', root_optional=True ) ) == ns2
assert root_ns.getElement( uri.split( '/api/ns3/', root_optional=True ) ) == ns3
assert root_ns.getElement( uri.split( '/api/ns2/ns2_2/', root_optional=True ) ) == ns2_2
assert root_ns.getElement( uri.split( '/', root_optional=True ) ) == root_ns
assert root_ns.getElement( uri.split( '/ns2/', root_optional=True ) ) == ns2
assert root_ns.getElement( uri.split( '/ns3/', root_optional=True ) ) == ns3
assert root_ns.getElement( uri.split( '/ns2/ns2_2/', root_optional=True ) ) == ns2_2
assert root_ns.getElement( uri.split( '/api/mdl1', root_optional=True ) ) == mdl1
assert root_ns.getElement( uri.split( '/api/ns2/ns2_2/mdl2', root_optional=True ) ) == mdl2
assert root_ns.getElement( uri.split( '/mdl1', root_optional=True ) ) == mdl1
assert root_ns.getElement( uri.split( '/ns2/ns2_2/mdl2', root_optional=True ) ) == mdl2
assert root_ns.getElement( uri.split( '/api/mdl1(act1)', root_optional=True ) ) == act1
assert root_ns.getElement( uri.split( '/api/ns2/ns2_2/mdl2(act2)', root_optional=True ) ) == act2
assert root_ns.getElement( uri.split( '/mdl1(act1)', root_optional=True ) ) == act1
assert root_ns.getElement( uri.split( '/ns2/ns2_2/mdl2(act2)', root_optional=True ) ) == act2
with pytest.raises( ValueError ):
root_ns.getElement( '/api/' )
assert root_ns.getElement( uri.split( '/api/nsX/' ) ) is None
assert root_ns.getElement( uri.split( '/api/ns2/mdlX' ) ) is None
assert root_ns.getElement( uri.split( '/api/mdl1(actX)' ) ) is None
def test_action():
ns = Namespace( name=None, version='0.0', root_path='/api/', converter=None )
model = Model( name='model1', transaction_class=TestTransaction, field_list=[] )
ns.addElement( model )
action1 = Action( name='act1', return_paramater=Paramater( type='String' ), func=fake_func )
assert sort_dsc( action1.describe( ns.converter ).data ) == { 'name': 'act1', 'return-type': { 'type': 'String' }, 'paramaters': [], 'static': True, 'path': None }
model.addAction( action1 )
assert sort_dsc( action1.describe( action1.parent.parent.converter ).data ) == { 'name': 'act1', 'return-type': { 'type': 'String' }, 'paramaters': [], 'static': True, 'path': '/api/model1(act1)' }
action2 = Action( name='act2', return_paramater=Paramater( type='Integer' ), static=False, func=fake_func )
assert sort_dsc( action2.describe( ns.converter ).data ) == { 'name': 'act2', 'return-type': { 'type': 'Integer' }, 'paramaters': [], 'static': False, 'path': None }
action3 = Action( name='act3', return_paramater=Paramater( type='Boolean' ), paramater_list=[ Paramater( name='bob', type='Float' ) ], static=False, func=fake_func )
model.addAction( action3 )
assert sort_dsc( action3.describe( action3.parent.parent.converter ).data ) == { 'name': 'act3', 'return-type': { 'type': 'Boolean' }, 'paramaters': [ { 'name': 'bob', 'type': 'Float' } ], 'static': False, 'path': '/api/model1(act3)' }
assert action3.describe( action3.parent.parent.converter ).header_map == { 'Cache-Control': 'max-age=0', 'Verb': 'DESCRIBE', 'Type': 'Action' }
assert action3.options().header_map == { 'Allow': 'OPTIONS, DESCRIBE, CALL' }
assert action3.options().data is None
def test_not_allowed_verbs():
server = Server( root_path='/api/', root_version='0.0', debug=True )
ns1 = Namespace( name='ns1', version='0.1', converter=Converter( URI( '/api/' ) ) )
ns1.checkAuth = lambda user, verb, id_list: True
field_list = []
field_list.append( Field( name='field1', type='String', length=50 ) )
model1 = Model( name='model1', field_list=field_list, not_allowed_verb_list=[], transaction_class=TestTransaction )
model2 = Model( name='model2', field_list=field_list, not_allowed_verb_list=[ 'GET', 'LIST', 'CALL', 'CREATE', 'UPDATE', 'DELETE', 'DESCRIBE' ], transaction_class=TestTransaction )
model1.checkAuth = lambda user, verb, id_list: True
model2.checkAuth = lambda user, verb, id_list: True
action1 = Action( name='act', return_paramater=Paramater( type='String' ), func=fake_func )
action2 = Action( name='act', return_paramater=Paramater( type='String' ), func=fake_func )
action1.checkAuth = lambda user, verb, id_list: True
action2.checkAuth = lambda user, verb, id_list: True
model1.addAction( action1 )
model2.addAction( action2 )
ns1.addElement( model1 )
ns1.addElement( model2 )
server.registerNamespace( '/', ns1 )
with pytest.raises( ValueError ):
Model( name='modelX', field_list=[], not_allowed_verb_list=[ 'OPTIONS' ], transaction_class=TestTransaction )
with pytest.raises( ValueError ):
Model( name='modelX', field_list=[], not_allowed_verb_list=[ 'ASDF' ], transaction_class=TestTransaction )
req = Request( 'OPTIONS', '/api/ns1/model1', { 'CINP-VERSION': __CINP_VERSION__ } )
res = server.handle( req )
assert res.http_code == 200
req = Request( 'OPTIONS', '/api/ns1/model2', { 'CINP-VERSION': __CINP_VERSION__ } )
res = server.handle( req )
assert res.http_code == 200
req = Request( 'DESCRIBE', '/api/ns1/model1', { 'CINP-VERSION': __CINP_VERSION__ } )
res = server.handle( req )
assert res.http_code == 200
req = Request( 'DESCRIBE', '/api/ns1/model2', { 'CINP-VERSION': __CINP_VERSION__ } )
res = server.handle( req )
assert res.http_code == 403
req = Request( 'GET', '/api/ns1/model1:asd:', { 'CINP-VERSION': __CINP_VERSION__ } )
res = server.handle( req )
assert res.http_code == 200
req = Request( 'GET', '/api/ns1/model2:asd:', { 'CINP-VERSION': __CINP_VERSION__ } )
res = server.handle( req )
assert res.http_code == 403
req = Request( 'LIST', '/api/ns1/model1', { 'CINP-VERSION': __CINP_VERSION__ } )
res = server.handle( req )
assert res.http_code == 200
req = Request( 'LIST', '/api/ns1/model2', { 'CINP-VERSION': __CINP_VERSION__ } )
res = server.handle( req )
assert res.http_code == 403
req = Request( 'CREATE', '/api/ns1/model1', { 'CINP-VERSION': __CINP_VERSION__ } )
req.data = { 'field1': 'stuff' }
res = server.handle( req )
assert res.http_code == 201
req = Request( 'CREATE', '/api/ns1/model2', { 'CINP-VERSION': __CINP_VERSION__ } )
req.data = { 'field1': 'stuff' }
res = server.handle( req )
assert res.http_code == 403
req = Request( 'UPDATE', '/api/ns1/model1:sdf:', { 'CINP-VERSION': __CINP_VERSION__ } )
req.data = { 'field1': 'stuff' }
res = server.handle( req )
assert res.http_code == 200
req = Request( 'UPDATE', '/api/ns1/model2:sdf:', { 'CINP-VERSION': __CINP_VERSION__ } )
req.data = { 'field1': 'stuff' }
res = server.handle( req )
assert res.http_code == 403
req = Request( 'DELETE', '/api/ns1/model1:asd:', { 'CINP-VERSION': __CINP_VERSION__ } )
res = server.handle( req )
assert res.http_code == 200
req = Request( 'DELETE', '/api/ns1/model2:asd:', { 'CINP-VERSION': __CINP_VERSION__ } )
res = server.handle( req )
assert res.http_code == 403
req = Request( 'CALL', '/api/ns1/model1(act)', { 'CINP-VERSION': __CINP_VERSION__ } )
res = server.handle( req )
assert res.http_code == 200
req = Request( 'CALL', '/api/ns1/model2(act)', { 'CINP-VERSION': __CINP_VERSION__ } )
res = server.handle( req )
assert res.http_code == 403
def test_saninity_checks():
server = Server( root_path='/api/', root_version='0.0' )
ns = Namespace( name='ns', version='0.1', converter=None )
model = Model( name='model', field_list=[], transaction_class=TestTransaction )
ns.addElement( model )
action = Action( name='action', return_paramater=Paramater( type='String' ), func=fake_func )
model.addAction( action )
server.registerNamespace( '/', ns )
res = server.dispatch( Request( 'BOB', '/api/', { 'CINP-VERSION': '0.9' } ) )
assert res.http_code == 400
assert res.data == { 'message': 'Invalid Verb (HTTP Method) "BOB"' }
res = server.dispatch( Request( 'DESCRIBE', 'invalid', { 'CINP-VERSION': '0.9' } ) )
assert res.http_code == 400
assert res.data == { 'message': 'Unable to Parse "invalid"' }
res = server.dispatch( Request( 'DESCRIBE', '/api/ns/model:' + ':'.join( 'id' * 101 ) + ':', { 'CINP-VERSION': '0.9' } ) )
assert res.http_code == 400
assert res.data == { 'message': 'id_list longer than supported length of "100"' }
res = server.dispatch( Request( 'DESCRIBE', '/api/nope', { 'CINP-VERSION': '0.9' } ) )
assert res.http_code == 404
assert res.data == { 'message': 'path not found "/api/nope"' }
res = server.handle( Request( 'DESCRIBE', '/api/', {} ) )
assert res.http_code == 400
assert res.data == { 'message': 'Invalid CInP Protocol Version' }
res = server.handle( Request( 'DESCRIBE', '/api/', { 'Cinp-Version': '0' } ) )
assert res.http_code == 400
assert res.data == { 'message': 'Invalid CInP Protocol Version' }
with pytest.raises( ValueError ): # checkAuth not implemented, for this round of tests we call good
server.dispatch( Request( 'DESCRIBE', '/api/ns/model(action)', { 'CINP-VERSION': '0.9' } ) )
for verb in ( 'GET', 'LIST', 'CREATE', 'UPDATE', 'DELETE' ):
res = server.dispatch( Request( verb, '/api/ns/model(action)', { 'CINP-VERSION': '0.9' } ) )
assert res.http_code == 400
assert res.data == { 'message': 'Invalid verb "{0}" for request with action'.format( verb ) }
for verb in ( 'GET', 'LIST', 'CREATE', 'UPDATE', 'DELETE' ):
res = server.dispatch( Request( verb, '/api/ns/model:id:(action)', { 'CINP-VERSION': '0.9' } ) )
assert res.http_code == 400
assert res.data == { 'message': 'Invalid verb "{0}" for request with action'.format( verb ) }
for uri in ( '/api/', '/api/ns/', '/api/ns/model', '/api/ns/model:id:' ):
res = server.dispatch( Request( 'CALL', uri, { 'CINP-VERSION': '0.9' } ) )
assert res.http_code == 400
assert res.data == { 'message': 'Verb "CALL" requires action'.format( verb ) }
for verb in ( 'LIST', 'CREATE', 'DESCRIBE' ):
res = server.dispatch( Request( verb, '/api/ns/model:id:', { 'CINP-VERSION': '0.9' } ) )
assert res.http_code == 400
assert res.data == { 'message': 'Invalid Verb "{0}" for request with id'.format( verb ) }
for verb in ( 'GET', 'UPDATE', 'DELETE' ):
res = server.dispatch( Request( verb, '/api/ns/model', { 'CINP-VERSION': '0.9' } ) )
assert res.http_code == 400
assert res.data == { 'message': 'Verb "{0}" requires id'.format( verb ) }
for verb in ( 'GET', 'DELETE' ):
req = Request( verb, '/api/ns/model:d:', { 'CINP-VERSION': '0.9' } )
req.data = { 'some': 'data' }
res = server.dispatch( req )
assert res.http_code == 400
assert res.data == { 'message': 'Invalid verb "{0}" for request with data'.format( verb ) }
for verb in ( 'DESCRIBE', ):
req = Request( verb, '/api/ns/model', { 'CINP-VERSION': '0.9' } )
req.data = { 'some': 'data' }
res = server.dispatch( req )
assert res.http_code == 400
assert res.data == { 'message': 'Invalid verb "{0}" for request with data'.format( verb ) }
for verb in ( 'UPDATE', ):
res = server.dispatch( Request( verb, '/api/ns/model:id:', { 'CINP-VERSION': '0.9' } ) )
assert res.http_code == 400
assert res.data == { 'message': 'Verb "{0}" requires data'.format( verb ) }
for verb in ( 'CREATE', ):
res = server.dispatch( Request( verb, '/api/ns/model', { 'CINP-VERSION': '0.9' } ) )
assert res.http_code == 400
assert res.data == { 'message': 'Verb "{0}" requires data'.format( verb ) }
for verb in ( 'LIST', 'CREATE' ): # also 'GET', 'UPDATE', 'DELETE' which also requires an Id which requires a model so already covered
req = Request( verb, '/api/ns/', { 'CINP-VERSION': '0.9' } )
req.data = { 'some': 'data' }
res = server.dispatch( req )
assert res.http_code == 400
assert res.data == { 'message': 'Verb "{0}" requires model'.format( verb ) }