示例#1
0
def test_get_project_fail(temp_app, temp_db):
    '''Tests various failure cases when getting a project'''

    # Tests trying to get nonexistent project
    login_res = login_mackland(temp_app)
    auth_token = login_res['accessToken']
    res = get_project(0, auth_token, temp_app)
    res_data = json.loads(res.data)
    assert res.status_code == 400
    assert res_data['error'] == 'Project does not exist'

    # Tests trying to get a project created by a different user
    res = get_project(1, auth_token, temp_app)
    res_data = json.loads(res.data)
    assert res.status_code == 403
    assert res_data['error'] == 'Forbidden: project belongs to another user'

    # Tests trying to get a project with no auth header
    res = temp_app.get('/project/1')
    res_data = json.loads(res.data)
    assert res.status_code == 401
    assert res_data['error'] == 'No authentication provided'

    # Tests trying to get a project with no auth token
    res = temp_app.get('/project/1', headers=dict(Authorization='Bearer '))
    res_data = json.loads(res.data)
    assert res.status_code == 401
    assert res_data['error'] == 'No authentication provided'

    # Tests trying to get a project with an expired token
    token = generate_expired_token('access',
                                   temp_app.application.config['SECRET_KEY'])
    res = get_project(1, token, temp_app)
    res_data = json.loads(res.data)
    assert res.status_code == 401
    assert res_data['error'] == 'Invalid token'

    # Tests trying to get a project with a token signed with the wrong key
    token = generate_invalid_token('access')
    res = get_project(1, token, temp_app)
    res_data = json.loads(res.data)
    assert res.status_code == 401
    assert res_data['error'] == 'Invalid token'

    # Tests trying to use a refresh token to access projects
    token = encode_auth_token('refresh', 1, datetime.timedelta(days=3),
                              temp_app.application.config['SECRET_KEY'])
    res = get_project(1, token.decode(), temp_app)
    res_data = json.loads(res.data)
    assert res.status_code == 401
    assert res_data['error'] == 'Invalid token type'
示例#2
0
def test_get_shared_project_fail(temp_app, temp_db):
    ''' Tests various failure cases getting a shared project '''

    # get a project that exists, but isn't shared
    res = temp_app.get('/project/shared/1')
    res_data = json.loads(res.data)
    assert res.status_code == 403
    assert res_data['error'] == 'Forbidden: Project is private'

    # get a project that doesn't exist
    res = temp_app.get('/project/shared/100')
    res_data = json.loads(res.data)
    assert res.status_code == 404
    assert res_data['error'] == 'Project does not exist'
def test_get_dog(temp_app, temp_db):
    """Tests to make sure getting a specific dog works."""
    res = temp_app.get('/api/dogs/normie')
    res_data = json.loads(res.data)
    assert res.status_code == 200, 'The response should have a status code of 200 - OK.'
    assert isinstance(res_data, dict), 'The data should be a json dict.'
    assert '_id' not in res_data
def test_get_nonexistent_dog(temp_app, temp_db):
    """Tests to see if lookup of nonexistent dog fails properly."""
    res = temp_app.get('api/dogs/bob')
    res_data = json.loads(res.data)
    assert res.status_code == 404, 'The response should be 404 -- NOT FOUND'
    assert isinstance(res_data, dict), 'The data should be a json dict.'
    assert 'error' in res_data
示例#5
0
def test_get_dogs(temp_app, temp_db):
    """Tests to make sure getting all dogs works."""
    res = temp_app.get('/api/dogs')
    res_data = json.loads(res.data)
    assert res.status_code == 200, 'The response should have a status code of 200 - OK.'
    assert isinstance(res_data, list), 'The data should be a json list.'
    assert '_id' not in res_data[0]
示例#6
0
def test_get_shared_project(temp_app, temp_db):
    ''' Tests getting a shared project '''
    res = temp_app.get('/project/shared/2')
    res_data = json.loads(res.data)
    assert res.status_code == 200
    assert isinstance(res_data['project'], dict)
    assert 'id' not in res_data
    assert 'name' not in res_data
示例#7
0
def test_get_projects_fail(temp_app, temp_db):
    '''Tests getting projects with various failure cases'''

    # Tests trying to get projects with no auth header
    res = temp_app.get('/projects')
    res_data = json.loads(res.data)
    assert res.status_code == 401
    assert res_data['error'] == 'No authentication provided'

    # Tests trying to get projects with no auth header
    res = temp_app.get('/projects', headers=dict(Authorization='Bearer '))
    res_data = json.loads(res.data)
    assert res.status_code == 401
    assert res_data['error'] == 'No authentication provided'

    # Tests trying to get projects with an expired token
    token = generate_expired_token('access',
                                   temp_app.application.config['SECRET_KEY'])
    res = get_projects(token, temp_app)
    res_data = json.loads(res.data)
    assert res.status_code == 401
    assert res_data['error'] == 'Invalid token'

    # Tests trying to get projects with a token signed with the wrong key
    token = generate_invalid_token('access')
    res = get_projects(token, temp_app)
    res_data = json.loads(res.data)
    assert res.status_code == 401
    assert res_data['error'] == 'Invalid token'

    # Tests trying to use a refresh token to access projects
    token = encode_auth_token('refresh', 1, datetime.timedelta(days=3),
                              temp_app.application.config['SECRET_KEY'])
    res = get_projects(token.decode(), temp_app)
    res_data = json.loads(res.data)
    assert res.status_code == 401
    assert res_data['error'] == 'Invalid token type'
示例#8
0
def test_authenticate_fail(temp_app, temp_db):
    '''Tests various failure cases when verifying a jwt'''

    # Tests verifying with no auth header
    res = temp_app.get('auth/authenticate')
    res_data = json.loads(res.data)
    assert res.status_code == 401
    assert res_data['error'] == 'No authentication provided'

    # Tests verifying with no auth token
    res = get_authenticate('', temp_app)
    res_data = json.loads(res.data)
    assert res.status_code == 401
    assert res_data['error'] == 'No authentication provided'

    # Tests trying to verify with an expired token
    auth_token = generate_expired_token(
        'refresh', temp_app.application.config['SECRET_KEY'])
    res = get_authenticate(auth_token, temp_app)
    res_data = json.loads(res.data)
    assert res.status_code == 401
    assert res_data['error'] == 'Invalid token'

    # Tests trying to verify with a token signed with the wrong key
    auth_token = generate_invalid_token('refresh')
    res = get_authenticate(auth_token, temp_app)
    res_data = json.loads(res.data)
    assert res.status_code == 401
    assert res_data['error'] == 'Invalid token'

    # Tests trying to use an access token to refresh
    token = encode_auth_token('access', 1, datetime.timedelta(days=3),
                              temp_app.application.config['SECRET_KEY'])
    res = get_authenticate(token.decode(), temp_app)
    res_data = json.loads(res.data)
    assert res.status_code == 401
    assert res_data['error'] == 'Invalid token type'