- # coding=utf-8
- import datetime
- import pytest
- import transaction
- from sqlalchemy.exc import OperationalError
-
- from tracim_backend import models
- from tracim_backend.lib.core.group import GroupApi
- from tracim_backend.lib.core.user import UserApi
- from tracim_backend.models import get_tm_session
- from tracim_backend.tests import FunctionalTest
- from tracim_backend.tests import FunctionalTestNoDB
-
-
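class TestLogoutEndpoint(FunctionalTest):
    """Functional tests for ``/api/v2/sessions/logout``.

    Both HTTP verbs are expected to answer 204, and neither test opens a
    session first, so logout is expected to succeed for an anonymous client.
    """

    def test_api__access_logout_get_enpoint__ok__nominal_case(self):
        """GET on the logout route answers 204."""
        # The original body issued a POST here (and a GET in the "post"
        # test); the verbs now match the test names.
        # NOTE(review): logout changes session state and a GET can be
        # triggered by a cross-site link or image load; confirm the GET
        # route is intentional.
        self.testapp.get('/api/v2/sessions/logout', status=204)

    def test_api__access_logout_post_enpoint__ok__nominal_case(self):
        """POST on the logout route answers 204."""
        self.testapp.post_json('/api/v2/sessions/logout', status=204)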
-
-
class TestLoginEndpointUnititedDB(FunctionalTestNoDB):
    """Login behaviour on the ``FunctionalTestNoDB`` base.

    Judging by the base class and the test name, the database has not been
    initialised when the request is sent.
    """

    def test_api__try_login_enpoint__err_500__no_inited_db(self):
        """Login answers 500 with a structured JSON error body."""
        credentials = {
            'email': 'admin@admin.admin',
            'password': 'admin@admin.admin',
        }
        res = self.testapp.post_json(
            '/api/v2/sessions/login',
            params=credentials,
            status=500,
        )
        error_body = res.json
        assert isinstance(error_body, dict)
        # Only the presence of the keys is checked, not their content.
        # NOTE(review): on a 500 it is worth confirming that 'details'
        # carries no stack trace or SQL text back to the client.
        for field in ('code', 'message', 'details'):
            assert field in error_body
-
-
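class TestLoginEndpoint(FunctionalTest):
    """Functional tests for ``POST /api/v2/sessions/login``.

    Covers the nominal login, a disabled account, a wrong password, an
    unknown e-mail and a request without a JSON body.
    """

    def test_api__try_login_enpoint__ok_200__nominal_case(self):
        """Valid admin credentials return 200 and the user's profile."""
        # Fixture account whose password equals its e-mail; presumably
        # seeded by the test database only — verify it never ships as a
        # default on a deployed instance.
        params = {
            'email': 'admin@admin.admin',
            'password': 'admin@admin.admin',
        }
        res = self.testapp.post_json(
            '/api/v2/sessions/login',
            params=params,
            status=200,
        )
        body = res.json_body
        assert body['created']
        # strptime raises ValueError if the timestamp is not in this
        # exact format, which fails the test.
        datetime.datetime.strptime(
            body['created'],
            '%Y-%m-%dT%H:%M:%SZ'
        )
        assert body['public_name'] == 'Global manager'
        assert body['email'] == 'admin@admin.admin'
        assert body['is_active']
        assert body['profile']
        assert body['profile'] == 'administrators'
        assert body['caldav_url'] is None
        assert body['avatar_url'] is None

    def test_api__try_login_enpoint__err_401__user_not_activated(self):
        """A disabled account is refused even with its correct password.

        The method name says 401 but the asserted status is 403; the name
        is kept so existing test selections still match.
        """
        dbsession = get_tm_session(self.session_factory, transaction.manager)
        admin = dbsession.query(models.User) \
            .filter(models.User.email == 'admin@admin.admin') \
            .one()
        uapi = UserApi(
            current_user=admin,
            session=dbsession,
            config=self.app_config,
        )
        gapi = GroupApi(
            current_user=admin,
            session=dbsession,
            config=self.app_config,
        )
        groups = [gapi.get_one_with_name('users')]
        test_user = uapi.create_user(
            email='test@test.test',
            password='pass',
            name='bob',
            groups=groups,
            timezone='Europe/Paris',
            do_save=True,
            do_notify=False,
        )
        uapi.save(test_user)
        uapi.disable(test_user)
        transaction.commit()

        # Send the password the account was created with. The original
        # sent 'test@test.test', so the request would have been rejected
        # as a bad password whether or not the disabled check worked.
        # NOTE(review): the expected 403 is kept from the original test;
        # confirm it is the status returned for a disabled account.
        params = {
            'email': 'test@test.test',
            'password': 'pass',
        }
        self.testapp.post_json(
            '/api/v2/sessions/login',
            params=params,
            status=403,
        )

    def test_api__try_login_enpoint__err_403__bad_password(self):
        """A wrong password for an existing account answers 403."""
        params = {
            'email': 'admin@admin.admin',
            'password': 'bad_password',
        }
        res = self.testapp.post_json(
            '/api/v2/sessions/login',
            status=403,
            params=params,
        )
        # Same status and body shape as the unknown-user case below, which
        # is what keeps the endpoint from revealing which e-mails exist.
        # The two tests check this separately; neither compares the bodies.
        assert isinstance(res.json, dict)
        for field in ('code', 'message', 'details'):
            assert field in res.json

    def test_api__try_login_enpoint__err_403__unregistered_user(self):
        """An e-mail with no account answers 403, like a wrong password."""
        params = {
            'email': 'unknown_user@unknown.unknown',
            'password': 'bad_password',
        }
        res = self.testapp.post_json(
            '/api/v2/sessions/login',
            status=403,
            params=params,
        )
        assert isinstance(res.json, dict)
        for field in ('code', 'message', 'details'):
            assert field in res.json

    def test_api__try_login_enpoint__err_400__no_json_body(self):
        """A login request without a JSON body answers 400."""
        res = self.testapp.post_json('/api/v2/sessions/login', status=400)
        assert isinstance(res.json, dict)
        for field in ('code', 'message', 'details'):
            assert field in res.json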
-
-
class TestWhoamiEndpoint(FunctionalTest):
    """Functional tests for ``GET /api/v2/sessions/whoami``.

    Every test authenticates with HTTP Basic credentials set on the test
    client.
    """

    def test_api__try_whoami_enpoint__ok_200__nominal_case(self):
        """The admin account gets 200 and its own profile back."""
        admin_login = ('admin@admin.admin', 'admin@admin.admin')
        self.testapp.authorization = ('Basic', admin_login)
        res = self.testapp.get('/api/v2/sessions/whoami', status=200)
        assert res.json_body['public_name'] == 'Global manager'
        assert res.json_body['email'] == 'admin@admin.admin'
        assert res.json_body['created']
        assert res.json_body['is_active']
        assert res.json_body['profile']
        assert res.json_body['profile'] == 'administrators'
        for nullable_field in ('caldav_url', 'avatar_url', 'lang'):
            assert res.json_body[nullable_field] is None

    def test_api__try_whoami_enpoint__err_401__user_is_not_active(self):
        """A disabled account with a valid password is answered with 401."""
        dbsession = get_tm_session(self.session_factory, transaction.manager)
        admin = (
            dbsession.query(models.User)
            .filter(models.User.email == 'admin@admin.admin')
            .one()
        )
        api_kwargs = dict(
            current_user=admin,
            session=dbsession,
            config=self.app_config,
        )
        uapi = UserApi(**api_kwargs)
        gapi = GroupApi(**api_kwargs)
        test_user = uapi.create_user(
            email='test@test.test',
            password='pass',
            name='bob',
            groups=[gapi.get_one_with_name('users')],
            timezone='Europe/Paris',
            lang='en',
            do_save=True,
            do_notify=False,
        )
        uapi.save(test_user)
        uapi.disable(test_user)
        transaction.commit()

        # The password matches the one given at creation, so the disabled
        # state is the only difference from a normal authenticated call.
        # Only the status code is checked here, not the error body.
        self.testapp.authorization = ('Basic', ('test@test.test', 'pass'))
        self.testapp.get('/api/v2/sessions/whoami', status=401)

    def test_api__try_whoami_enpoint__err_401__unauthenticated(self):
        """Credentials matching no account get 401 and an error body."""
        unknown_login = ('john@doe.doe', 'lapin')
        self.testapp.authorization = ('Basic', unknown_login)
        res = self.testapp.get('/api/v2/sessions/whoami', status=401)
        assert isinstance(res.json, dict)
        for field in ('code', 'message', 'details'):
            assert field in res.json