def test_view_success(self): """查看成功 """ app = App(user=self.current_user, name="app", app_secret="secret", summary="summary", description="description") self.db.add(app) self.db.commit() resp = self.api_get(f"/app/{app.app_id}") body = get_body_json(resp) self.assertEqual(resp.code, 200) self.validate_default_success(body) spec = self.rs.get_app_id.op_spec["responses"]["200"]["schema"] api.validate_object(spec, body) data = body["data"] self.assertEqual(data["app_id"], str(app.app_id)) self.assertEqual(data["name"], app.name) self.assertEqual(data["summary"], app.summary) self.assertEqual(data["description"], app.description) self.assertEqual(data["is_active"], app.is_active)
def test_create_full_success(self): """使用所有参数创建 App """ user_pk_id = self.current_user.id request_body = { "name": "fortest", "app_secret": "secret", "summary": "my first app", "description": "nothing to say", "is_active": False, } resp = self.api_post("/app", body=request_body) body = get_body_json(resp) self.assertEqual(resp.code, 200) self.validate_default_success(body) spec = self.rs.post_app.op_spec["responses"]["200"]["schema"] api.validate_object(spec, body) app = self.db.query(App).filter( and_( App.user_id == user_pk_id, App.name == request_body["name"], )).one() self.assertEqual(app.validate_secret(request_body["app_secret"]), True) self.assertEqual(request_body["summary"], app.summary) self.assertEqual(request_body["description"], app.description) self.assertEqual(request_body["is_active"], app.is_active)
def test_success(self): """返回正确 """ role_numbers = 10 perm_numbers = 20 role_basename = "myrole" permission_basename = "myperm" for i in range(role_numbers): role = Role(name=role_basename + str(i)) for j in range(perm_numbers): perm = Permission(name=permission_basename + str(i) + str(j)) self.db.add(perm) role.permissions.append(perm) self.db.add(role) self.current_user.roles.append(role) self.db.commit() resp = self.api_get("/my/permission") body = get_body_json(resp) self.assertEqual(resp.code, 200) self.validate_default_success(body) spec = self.rs.get_my_permission.op_spec["responses"]["200"]["schema"] api.validate_object(spec, body) self.assertEqual(len(body["data"]), role_numbers) for role_data in body["data"]: self.assertEqual(len(role_data["permissions"]), perm_numbers) role_names = [role_data["name"] for role_data in body["data"]] self.assertEqual([role_basename + str(i) for i in range(role_numbers)], sorted(role_names))
def test_refresh_token_success(self): """刷新成功 """ app_secret = "secret" app = App(user=self.current_user, name="fortest", app_secret=app_secret) self.db.add(app) self.db.commit() app_id = str(str(app.app_id)) resp = self.api_post("/app_token", body={ "app_id": app_id, "app_secret": app_secret, }) body = get_body_json(resp) refresh_token = body["data"]["refresh_token"] resp = self.api_post("/app_token/refresh", body={ "app_id": app_id, "refresh_token": refresh_token, }) self.assertEqual(resp.code, 200) self.validate_default_success(body) spec = self.rs.post_token_refresh.op_spec["responses"]["200"]["schema"] api.validate_object(spec, body) data = body["data"] payload = decode_token(data["access_token"]) self.assertEqual(payload["uid"], str(self.current_user.uuid))
def test_get_success(self): """正确 """ role_name = "my-role" role = Role(name=role_name) self.db.add(role) permission_total = 12 permission_basename = "my-permission" for i in range(permission_total): perm = Permission(name=permission_basename + str(i)) self.db.add(perm) role.permissions.append(perm) self.db.commit() resp = self.api_get(f"/role/{role.uuid}/permission") body = get_body_json(resp) self.assertEqual(resp.code, 200) self.validate_default_success(body) spec = self.rs.get_role_id_permission.op_spec["responses"]["200"]["schema"] api.validate_object(spec, body) self.assertEqual(len(body["data"]), permission_total)
def test_success(self): """正确 """ user = User(uuid=str(uuid.uuid4())) self.db.add(user) total = 10 user_role_total = 5 basename = "myrole" for i in range(total): role = Role(name=basename + str(i)) self.db.add(role) if i < user_role_total: user.roles.append(role) self.db.commit() resp = self.api_get(f"/user/{user.uuid}/role") body = get_body_json(resp) self.assertEqual(resp.code, 200) self.validate_default_success(body) spec = self.rs.get_user_id_role.op_spec["responses"]["200"]["schema"] api.validate_object(spec, body) self.assertEqual([basename + str(i) for i in range(user_role_total)], sorted([role["name"] for role in body["data"]]))
def test_list_success(self): """正确 """ resp = self.api_get("/role") body = get_body_json(resp) self.assertEqual(resp.code, 200) self.validate_default_success(body) spec = self.rs.get_role.op_spec["responses"]["200"]["schema"] api.validate_object(spec, body) self.assertEqual(len(body["data"]), body["filter"]["page_size"]) self.assertEqual(body["filter"]["total"], self.total + 3)
def test_view_success(self): """查看成功 """ resp = self.api_get(f"/user/{self.current_user.uuid}") body = get_body_json(resp) self.assertEqual(resp.code, 200) self.validate_default_success(body) spec = self.rs.get_user_id.op_spec["responses"]["200"]["schema"] api.validate_object(spec, body) data = body["data"] self.assertEqual(data["username"], self.current_username)
def test_get_token_success(self): """获取 token 成功 """ resp = self.api_post("/token", body={ "username": self.current_username, "password": self.current_password, }) body = get_body_json(resp) self.assertEqual(resp.code, 200) self.validate_default_success(body) spec = self.rs.post_token.op_spec["responses"]["200"]["schema"] api.validate_object(spec, body) data = body["data"] payload = decode_token(data["access_token"]) self.assertEqual(payload["uid"], str(self.current_user.uuid))
def test_get_success(self): """success """ name = "my-permission" summary = "my summary" perm = Permission(name=name, summary=summary) self.db.add(perm) self.db.commit() resp = self.api_get(f"/permission/id?name={perm.name}") body = get_body_json(resp) self.assertEqual(resp.code, 200) self.validate_default_success(body) spec = self.rs.get_permission_id.op_spec["responses"]["200"]["schema"] api.validate_object(spec, body) self.assertEqual(body["id"], str(perm.uuid))
def test_create_success(self): """创建成功 """ username = "******" password = "******" resp = self.api_post("/user", body={ "username": username, "password": password, }) body = get_body_json(resp) self.assertEqual(resp.code, 200) self.validate_default_success(body) spec = self.rs.post_user.op_spec["responses"]["200"]["schema"] api.validate_object(spec, body) user = self.db.query(User).filter_by(username=username).one() self.assertEqual(user.validate_password(password), True)
def test_notexist_roles(self): """使用不存在的角色ID """ user_id = str(uuid.uuid4()) notexist_total = 12 resp = self.api_post( f"/user/{user_id}/role/append", body={ "roles": [str(uuid.uuid4()) for i in range(notexist_total)], }) body = get_body_json(resp) self.assertEqual(resp.code, 400) spec = self.rs.post_user_id_role_append.op_spec["responses"][ "default"]["schema"] api.validate_object(spec, body) self.assertEqual(body["status"], "have-not-exist") self.assertEqual(len(body["data"]), notexist_total)
def test_get_success(self): """获取详情正确 """ name = "my-permission" summary = "my summary" perm = Permission(name=name, summary=summary) self.db.add(perm) self.db.commit() resp = self.api_get(f"/permission/{perm.uuid}") body = get_body_json(resp) self.assertEqual(resp.code, 200) self.validate_default_success(body) spec = self.rs.get_permission_id.op_spec["responses"]["200"]["schema"] api.validate_object(spec, body) data = body["data"] self.assertEqual(data["summary"], summary) self.assertEqual(data["created"], utc_rfc3339_string(perm.created)) self.assertEqual(data["updated"], utc_rfc3339_string(perm.updated))
def test_get_success(self): """正确 """ role_name = "my-role" role_summary = "my summary" role = Role(name=role_name, summary=role_summary) self.db.add(role) self.db.commit() resp = self.api_get(f"/role/{role.uuid}") body = get_body_json(resp) self.assertEqual(resp.code, 200) self.validate_default_success(body) spec = self.rs.get_role_id.op_spec["responses"]["200"]["schema"] api.validate_object(spec, body) data = body["data"] self.assertEqual(data["summary"], role_summary) self.assertEqual(data["created"], utc_rfc3339_string(role.created)) self.assertEqual(data["updated"], utc_rfc3339_string(role.updated))
def test_get_token_success(self): """获取 token 成功 """ username = "******" resp = self.api_post("/user", body={"username": username}) body = get_body_json(resp) self.assertEqual(resp.code, 200) self.validate_default_success(body) resp = self.api_post("/open_token", body={"username": username}) body = get_body_json(resp) self.assertEqual(resp.code, 200) self.validate_default_success(body) spec = self.rs.post_open_token.op_spec["responses"]["200"]["schema"] api.validate_object(spec, body) user = self.db.query(User).filter_by(username=username).first() data = body["data"] payload = decode_token(data["access_token"]) self.assertEqual(payload["uid"], str(user.uuid))
def test_notexist_permissions(self): """使用不存在的权限名称 """ role_name = "my-role" role = Role(name=role_name) self.db.add(role) self.db.commit() notexist_total = 12 resp = self.api_post("/role/permission/remove", body={ "role": role.name, "permissions": [str(uuid.uuid4()) for i in range(notexist_total)], }) body = get_body_json(resp) self.assertEqual(resp.code, 400) spec = self.rs.post_role_permission_remove.op_spec[ "responses"]["default"]["schema"] api.validate_object(spec, body) self.assertEqual(body["status"], "have-not-exist") self.assertEqual(len(body["data"]), notexist_total)
def test_success(self): """正确 """ numbers = 10 basename = "myrole" for i in range(numbers): role = Role(name=basename + str(i)) self.db.add(role) self.current_user.roles.append(role) self.db.commit() resp = self.api_get("/my/role") body = get_body_json(resp) self.assertEqual(resp.code, 200) self.validate_default_success(body) spec = self.rs.get_my_role.op_spec["responses"]["200"]["schema"] api.validate_object(spec, body) names = [role["name"] for role in body["data"]] self.assertEqual([basename + str(i) for i in range(numbers)], sorted(names))
def test_create_success(self): """创建成功 """ user_pk_id = self.current_user.id name = "for-ceate-test" app_secret = "secret" resp = self.api_post("/app", body={ "name": name, "app_secret": app_secret, }) body = get_body_json(resp) self.assertEqual(resp.code, 200) self.validate_default_success(body) spec = self.rs.post_app.op_spec["responses"]["200"]["schema"] api.validate_object(spec, body) app = self.db.query(App).filter( and_( App.user_id == user_pk_id, App.name == name, )).one() self.assertEqual(app.validate_secret(app_secret), True)
def validate_default_error(body): spec = api.spec_dict["definitions"]["DefaultErrorResponse"] api.validate_object(spec, body)