def test_auth_unique_uri(self): from rest_api_framework.pagination import Pagination ressources = [{"id": "azerty"}] authentication = ApiKeyAuthentication( PythonListDataStore(ressources, ApiModel)) class ApiAppAuth(ApiApp): controller = { "list_verbs": ["GET", "POST"], "unique_verbs": ["GET", "PUT", "DElETE"], "options": { "pagination": Pagination(20), "authentication": authentication, "authorization": ApiKeyAuthorization } } client = Client(WSGIDispatcher([ApiAppAuth]), response_wrapper=BaseResponse) resp = client.get("/address/1/?apikey=azerty") self.assertEqual(resp.status_code, 200) resp = client.get("/address/1/?apikey=querty") self.assertEqual(resp.status_code, 401)
def test_post_auth(self): """ Test a read only api. GET should be ok, POST and PUT should not """ from rest_api_framework.pagination import Pagination ressources = [{"id": "azerty"}] authentication = ApiKeyAuthentication( PythonListDataStore(ressources, ApiModel)) class ApiAppAuth(ApiApp): controller = { "list_verbs": ["GET"], "unique_verbs": ["GET"], "options": { "pagination": Pagination(20), "authentication": authentication, "authorization": ApiKeyAuthorization } } client = Client(WSGIDispatcher([ApiAppAuth]), response_wrapper=BaseResponse) resp = client.get("/address/1/?apikey=azerty") self.assertEqual(resp.status_code, 200) resp = client.post("/address/?apikey=azerty", data=json.dumps({ 'name': 'bob', 'age': 34 })) self.assertEqual(resp.status_code, 405)
def test_update(self): data_list = [{"name": "bob", "age": a, "id": a} for a in range(100)] store = PythonListDataStore(data_list, ApiModel) self.assertEqual( store.update({ "name": "bob", "age": "34", "id": 34 }, {"name": "boby mc gee"}), { "name": "boby mc gee", "age": "34", "id": 34 }) # adress is not part of the ressource description, it should # raise self.assertRaises(BadRequest, store.update, { "name": "bob", "age": "35", "id": 35 }, {"adress": "1, main street"}) self.assertRaises(NotFound, store.update, { "name": "bob", "age": "100", "id": 100 }, {"name": "boby mc gee"})
def test_pagination(self): data_list = [{"name": "bob", "age": a, "id": a} for a in range(100)] store = PythonListDataStore(data_list, ApiModel, paginate_by=10) self.assertEqual(len(store.paginate(data_list, 0, 10)), 10) self.assertEqual(store.paginate(data_list, 10, None)[0]["id"], 10) self.assertEqual(store.paginate(data_list, 0, 15)[-1]["id"], 14)
def test_filter(self): data_list = [{"name": "bob", "age": a, "id": a} for a in range(100)] store = PythonListDataStore(data_list, ApiModel) self.assertEqual(len(store.filter(age=24)), 1) self.assertEqual(len(store.filter(name="bob")), 100) self.assertEqual(len(store.filter(name="john")), 0) self.assertEqual(len(store.filter(name="bob", age=12)), 1)
def test_delete(self): data_list = [{"name": "bob", "age": a, "id": a} for a in range(100)] store = PythonListDataStore(data_list, ApiModel) # the object exists self.assertEqual(store.get(10)["id"], 10) # is delete self.assertEqual(store.delete(10), None) # does not exist anymore self.assertRaises(NotFound, store.get, 10)
class BadConfRateLimitApiApp(ApiApp): controller = { "list_verbs": ["GET", "POST"], "unique_verbs": ["GET", "PUT", "DELETE"], "options": { "ratelimit": RateLimit(PythonListDataStore(ratelimit_ressources, RateLimitModel), interval=1, quota=2) } }
def test_create(self): data_list = [{"name": "bob", "age": a, "id": a} for a in range(100)] store = PythonListDataStore(data_list, ApiModel) # The object does not exists self.assertRaises(NotFound, store.get, 100) # The object is created self.assertEqual(store.create({"name": "bob", "age": 34}), 100) # The object exists self.assertEqual(store.get(100)["id"], 100) self.assertRaises(BadRequest, store.create, { "name": "bob", "age": "34" })
def test_validation(self): data_list = [{"name": "bob", "age": a, "id": a} for a in range(100)] store = PythonListDataStore(data_list, ApiModel) self.assertEqual(store.validate({"name": "bob", "age": 34}), None) self.assertRaises(BadRequest, store.validate, "a test") self.assertRaises(BadRequest, store.validate, { "name": "bob", "age": "34" }) self.assertRaises(BadRequest, store.validate_fields, {"age": "34"}) self.assertRaises(BadRequest, store.validate_fields, "age") data_list = [] class OtherModel(models.Model): fields = [ models.TimestampField(name="timestamp", required=True), models.PkField(name="id") ] store = PythonListDataStore(data_list, OtherModel) self.assertRaises(BadRequest, store.validate_fields, {"timestamp": 2345})
def test_basic_auth(self): from base64 import b64encode class BasicModel(models.Model): fields = [ models.StringPkField(name="user", required=True), models.StringField(name="password", required=True) ] ressources = [{"user": "******", "password": "******"}] authentication = BasicAuthentication( PythonListDataStore(ressources, ApiModel)) class ApiAppAuth(ApiApp): controller = { "list_verbs": ["GET"], "unique_verbs": ["GET"], "options": { "authentication": authentication, "authorization": Authorization } } client = Client(WSGIDispatcher([ApiAppAuth]), response_wrapper=BaseResponse) credentials = b64encode("login:pass") headers = Headers([('Authorization: Basic', credentials)]) resp = client.get("/address/1/", headers=headers) self.assertEqual(resp.status_code, 200) credentials = b64encode("login:hackme") headers = Headers([('Authorization: Basic', credentials)]) resp = client.get("/address/1/", headers=headers) self.assertEqual(resp.status_code, 401) resp = client.get("/address/1/") self.assertEqual(resp.status_code, 401)
def test_validator(self): from rest_api_framework.datastore.validators import UniqueTogether data_list = [{"name": "bob", "age": a, "id": a} for a in range(100)] store = PythonListDataStore(data_list, ApiModel, validators=[UniqueTogether("age", "name")]) self.assertEqual(store.validate({"name": "bob", "age": 209}), None) self.assertRaises(BadRequest, store.validate, { "name": "bob", "age": 20 }) self.assertRaises(BadRequest, store.update, { "name": "bob", "age": 34, "id": 34 }, {"age": 20}) store = SQLiteDataStore({ "name": "test.db", "table": "address" }, ApiModel, validators=[UniqueTogether("age", "name")]) for i in range(100): store.create({"name": "bob", "age": i + 1}) self.assertEqual(store.validate({"name": "bob", "age": 209}), None) self.assertRaises(BadRequest, store.validate, { "name": "bob", "age": 20 }) os.remove("test.db")
ressources = [{"name": "bob", "age": a, "id": a} for a in range(100)] ratelimit_ressources = [{"id": "azerty"}] class RateLimitModel(models.Model): fields = [ models.StringPkField(name="id"), models.IntegerField(name="quota"), models.TimestampField(name="last_request") ] authentication = ApiKeyAuthentication( PythonListDataStore(ratelimit_ressources, ApiModel)) class RateLimitApiApp(ApiApp): controller = { "list_verbs": ["GET", "POST"], "unique_verbs": ["GET", "PUT", "DELETE"], "options": { "authentication": authentication, "ratelimit": RateLimit(PythonListDataStore(ratelimit_ressources, RateLimitModel), interval=1, quota=2) }
def test_get(self): data_list = [{"name": "bob", "age": a, "id": a} for a in range(100)] store = PythonListDataStore(data_list, ApiModel) self.assertEqual(store.get(10)["id"], 10) self.assertRaises(NotFound, store.get, 100)