tests: switch to WebTest for mock requests (#6185)
This commit is contained in:
parent
ae534c1774
commit
b8c0f9067f
|
@ -4,94 +4,112 @@ import tempfile
|
|||
|
||||
import pytest
|
||||
|
||||
from quixote import cleanup, get_publisher
|
||||
from qommon import errors, sessions
|
||||
from wcs import formdef, publisher
|
||||
from wcs.qommon.http_request import HTTPRequest
|
||||
from wcs.formdef import FormDef
|
||||
from wcs.categories import Category
|
||||
import wcs.forms.root
|
||||
from webtest import TestApp
|
||||
|
||||
sys.modules['formdef'] = formdef
|
||||
from quixote.wsgi import QWIP
|
||||
from quixote import cleanup, get_publisher
|
||||
from wcs.qommon import errors, sessions
|
||||
from qommon.ident.password_accounts import PasswordAccount
|
||||
from wcs import publisher
|
||||
from wcs.qommon.http_request import HTTPRequest
|
||||
|
||||
QWIP.request_class = HTTPRequest
|
||||
|
||||
|
||||
def setup_module(module):
|
||||
cleanup()
|
||||
|
||||
global pub, req
|
||||
global pub
|
||||
|
||||
publisher.WcsPublisher.APP_DIR = tempfile.mkdtemp()
|
||||
pub = publisher.WcsPublisher.create_publisher()
|
||||
|
||||
req = HTTPRequest(None, {'SCRIPT_NAME': '/', 'SERVER_NAME': 'example.net'})
|
||||
req._user = None
|
||||
req.language = 'en'
|
||||
pub._set_request(req)
|
||||
req.session = sessions.Session(id=1)
|
||||
pub.set_app_dir(req)
|
||||
pub.cfg['identification'] = {'methods': ['password']}
|
||||
pub.write_cfg()
|
||||
|
||||
def create_superuser():
|
||||
global user1
|
||||
user1 = pub.user_class(name='user-one-role')
|
||||
user1.id = 'user-one-role'
|
||||
user1 = pub.user_class(name='admin')
|
||||
user1.id = 'admin'
|
||||
user1.is_admin = True
|
||||
user1.store()
|
||||
|
||||
account1 = PasswordAccount(id='admin')
|
||||
account1.set_password('admin')
|
||||
account1.user_id = user1.id
|
||||
account1.store()
|
||||
|
||||
def get_app():
|
||||
return TestApp(QWIP(pub), extra_environ={'HTTP_HOST': 'example.net'})
|
||||
|
||||
def login(app):
|
||||
login_page = app.get('/login/')
|
||||
login_form = login_page.forms['login-form']
|
||||
login_form['username'] = 'admin'
|
||||
login_form['password'] = 'admin'
|
||||
resp = login_form.submit()
|
||||
assert resp.status_int == 302
|
||||
return app
|
||||
|
||||
|
||||
def teardown_module(module):
|
||||
shutil.rmtree(pub.APP_DIR)
|
||||
|
||||
|
||||
def visit_page(path, user=None):
|
||||
req._user = req.session.user = user
|
||||
if req._user:
|
||||
req.session.user = user.id
|
||||
return str(get_publisher().root_directory._q_traverse(path.split('/')))
|
||||
|
||||
|
||||
def test_empty_site():
|
||||
visit_page('admin/')
|
||||
|
||||
get_app().get('/admin/')
|
||||
|
||||
def test_with_user():
|
||||
create_superuser()
|
||||
with pytest.raises(errors.AccessUnauthorizedError):
|
||||
visit_page('admin/')
|
||||
visit_page('admin/', user=user1)
|
||||
resp = get_app().get('/admin/', status=302)
|
||||
resp = resp.follow()
|
||||
assert resp.location == 'http://example.net/login/'
|
||||
|
||||
def test_with_superuser():
|
||||
app = login(get_app())
|
||||
app.get('/admin/')
|
||||
|
||||
def test_forms():
|
||||
visit_page('admin/forms/', user=user1)
|
||||
visit_page('admin/forms/new', user=user1)
|
||||
app = login(get_app())
|
||||
app.get('/admin/forms/')
|
||||
app.get('/admin/forms/new')
|
||||
|
||||
def test_workflows():
|
||||
visit_page('admin/workflows/', user=user1)
|
||||
visit_page('admin/workflows/new', user=user1)
|
||||
app = login(get_app())
|
||||
app.get('/admin/workflows/')
|
||||
app.get('/admin/workflows/new')
|
||||
|
||||
def test_users():
|
||||
visit_page('admin/users/', user=user1)
|
||||
visit_page('admin/users/new', user=user1)
|
||||
app = login(get_app())
|
||||
app.get('/admin/users/')
|
||||
app.get('/admin/users/new')
|
||||
|
||||
def test_roles():
|
||||
visit_page('admin/roles/', user=user1)
|
||||
visit_page('admin/roles/new', user=user1)
|
||||
app = login(get_app())
|
||||
app.get('/admin/roles/')
|
||||
app.get('/admin/roles/new')
|
||||
|
||||
def test_categories():
|
||||
visit_page('admin/categories/', user=user1)
|
||||
visit_page('admin/categories/new', user=user1)
|
||||
app = login(get_app())
|
||||
app.get('/admin/categories/')
|
||||
app.get('/admin/categories/new')
|
||||
|
||||
def test_settings():
|
||||
visit_page('admin/settings/', user=user1)
|
||||
visit_page('admin/settings/themes', user=user1)
|
||||
visit_page('admin/settings/users', user=user1)
|
||||
visit_page('admin/settings/template', user=user1)
|
||||
visit_page('admin/settings/misc', user=user1)
|
||||
visit_page('admin/settings/emails', user=user1)
|
||||
visit_page('admin/settings/debug_options', user=user1)
|
||||
visit_page('admin/settings/language', user=user1)
|
||||
visit_page('admin/settings/import', user=user1)
|
||||
visit_page('admin/settings/export', user=user1)
|
||||
visit_page('admin/settings/identification', user=user1)
|
||||
visit_page('admin/settings/sitename', user=user1)
|
||||
visit_page('admin/settings/sms', user=user1)
|
||||
visit_page('admin/settings/certificates', user=user1)
|
||||
visit_page('admin/settings/texts', user=user1)
|
||||
visit_page('admin/settings/session', user=user1)
|
||||
visit_page('admin/settings/admin-permissions', user=user1)
|
||||
app = login(get_app())
|
||||
app.get('/admin/settings/')
|
||||
app.get('/admin/settings/themes')
|
||||
app.get('/admin/settings/users')
|
||||
app.get('/admin/settings/template')
|
||||
app.get('/admin/settings/misc')
|
||||
app.get('/admin/settings/emails')
|
||||
app.get('/admin/settings/debug_options')
|
||||
app.get('/admin/settings/language')
|
||||
app.get('/admin/settings/import')
|
||||
app.get('/admin/settings/export')
|
||||
app.get('/admin/settings/identification')
|
||||
app.get('/admin/settings/sitename')
|
||||
app.get('/admin/settings/sms')
|
||||
app.get('/admin/settings/certificates')
|
||||
app.get('/admin/settings/texts')
|
||||
app.get('/admin/settings/session')
|
||||
app.get('/admin/settings/admin-permissions')
|
||||
|
|
|
@ -1,7 +1,5 @@
|
|||
import urlparse
|
||||
import tempfile
|
||||
import shutil
|
||||
import json
|
||||
import os
|
||||
import hmac
|
||||
import base64
|
||||
|
@ -9,20 +7,24 @@ import hashlib
|
|||
import urllib
|
||||
import datetime
|
||||
|
||||
from webtest import TestApp
|
||||
|
||||
from quixote import cleanup, get_publisher
|
||||
from quixote.wsgi import QWIP
|
||||
from wcs import publisher
|
||||
from qommon import sessions
|
||||
from wcs.qommon.http_request import HTTPRequest
|
||||
from wcs.users import User
|
||||
from wcs.categories import Category
|
||||
|
||||
pub, req, app_dir, user = None, None, None, None
|
||||
|
||||
QWIP.request_class = HTTPRequest
|
||||
|
||||
def setup_module(module):
|
||||
cleanup()
|
||||
|
||||
global pub, req, app_dir, user
|
||||
APP_DIR = tempfile.mkdtemp()
|
||||
APP_DIR = tempfile.mkdtemp()
|
||||
publisher.WcsPublisher.APP_DIR = APP_DIR
|
||||
pub = publisher.WcsPublisher.create_publisher()
|
||||
# allow saving the user
|
||||
|
@ -38,71 +40,45 @@ def setup_module(module):
|
|||
coucou = 1234
|
||||
''')
|
||||
|
||||
req = HTTPRequest(None, {'SCRIPT_NAME': '/', 'SERVER_NAME': 'example.net'})
|
||||
req._user = None
|
||||
req.language = 'en'
|
||||
pub._set_request(req)
|
||||
req.session = sessions.Session(id=1)
|
||||
category = Category()
|
||||
category.name = 'category'
|
||||
category.store()
|
||||
|
||||
|
||||
def visit_page(url, body=None):
|
||||
global req
|
||||
|
||||
parsed = urlparse.urlparse(url)
|
||||
environ = {}
|
||||
environ['SCRIPT_NAME'] = '/'
|
||||
environ['SERVER_NAME'] = 'example.net'
|
||||
environ['PATH_INFO'] = parsed.path
|
||||
if parsed.query:
|
||||
environ['QUERY_STRING'] = parsed.query
|
||||
req = HTTPRequest(body, environ)
|
||||
return get_publisher().process_request(req)
|
||||
|
||||
def teardown_module(module):
|
||||
global pub
|
||||
shutil.rmtree(pub.APP_DIR)
|
||||
|
||||
def get_app():
|
||||
return TestApp(QWIP(pub), extra_environ={'HTTP_HOST': 'example.net'})
|
||||
|
||||
def test_user_page_redirect():
|
||||
output = visit_page('/user')
|
||||
assert output.headers.get('location') == 'http://example.net//myspace/'
|
||||
output = get_app().get('/user')
|
||||
assert output.headers.get('location') == 'http://example.net/myspace/'
|
||||
|
||||
def test_user_page_error_when_json_and_no_user():
|
||||
output = visit_page('/user?format=json')
|
||||
content = ''.join(output.generate_body_chunks())
|
||||
assert content == '???'
|
||||
output = get_app().get('/user?format=json')
|
||||
assert output.body == '???'
|
||||
|
||||
def test_get_user_from_api_query_string_error_missing_orig():
|
||||
output = visit_page('/user?format=json&signature=xxx')
|
||||
content = ''.join(output.generate_body_chunks())
|
||||
result = json.loads(content)
|
||||
assert result['err_desc'] == 'missing/multiple orig field'
|
||||
output = get_app().get('/user?format=json&signature=xxx', status=403)
|
||||
assert output.json['err_desc'] == 'missing/multiple orig field'
|
||||
|
||||
def test_get_user_from_api_query_string_error_invalid_orig():
|
||||
output = visit_page('/user?format=json&orig=coin&signature=xxx')
|
||||
content = ''.join(output.generate_body_chunks())
|
||||
result = json.loads(content)
|
||||
assert result['err_desc'] == 'invalid orig'
|
||||
output = get_app().get('/user?format=json&orig=coin&signature=xxx', status=403)
|
||||
assert output.json['err_desc'] == 'invalid orig'
|
||||
|
||||
def test_get_user_from_api_query_string_error_missing_algo():
|
||||
output = visit_page('/user?format=json&orig=coucou&signature=xxx')
|
||||
content = ''.join(output.generate_body_chunks())
|
||||
result = json.loads(content)
|
||||
assert result['err_desc'] == 'missing/multiple algo field'
|
||||
output = get_app().get('/user?format=json&orig=coucou&signature=xxx', status=403)
|
||||
assert output.json['err_desc'] == 'missing/multiple algo field'
|
||||
|
||||
def test_get_user_from_api_query_string_error_invalid_algo():
|
||||
output = visit_page('/user?format=json&orig=coucou&signature=xxx&algo=coin')
|
||||
content = ''.join(output.generate_body_chunks())
|
||||
result = json.loads(content)
|
||||
assert result['err_desc'] == 'invalid algo'
|
||||
output = get_app().get('/user?format=json&orig=coucou&signature=xxx&algo=coin', status=403)
|
||||
assert output.json['err_desc'] == 'invalid algo'
|
||||
|
||||
def test_get_user_from_api_query_string_error_invalid_signature():
|
||||
output = visit_page('/user?format=json&orig=coucou&signature=xxx&algo=sha1')
|
||||
content = ''.join(output.generate_body_chunks())
|
||||
result = json.loads(content)
|
||||
assert result['err_desc'] == 'invalid signature'
|
||||
output = get_app().get('/user?format=json&orig=coucou&signature=xxx&algo=sha1', status=403)
|
||||
assert output.json['err_desc'] == 'invalid signature'
|
||||
|
||||
def test_get_user_from_api_query_string_error_missing_timestamp():
|
||||
signature = urllib.quote(
|
||||
|
@ -110,10 +86,8 @@ def test_get_user_from_api_query_string_error_missing_timestamp():
|
|||
hmac.new('1234',
|
||||
'format=json&orig=coucou&algo=sha1',
|
||||
hashlib.sha1).digest()))
|
||||
output = visit_page('/user?format=json&orig=coucou&algo=sha1&signature=%s' % signature)
|
||||
content = ''.join(output.generate_body_chunks())
|
||||
result = json.loads(content)
|
||||
assert result['err_desc'] == 'missing/multiple timestamp field'
|
||||
output = get_app().get('/user?format=json&orig=coucou&algo=sha1&signature=%s' % signature, status=403)
|
||||
assert output.json['err_desc'] == 'missing/multiple timestamp field'
|
||||
|
||||
def test_get_user_from_api_query_string_error_missing_email():
|
||||
timestamp = datetime.datetime.utcnow().isoformat()[:19] + 'Z'
|
||||
|
@ -123,10 +97,8 @@ def test_get_user_from_api_query_string_error_missing_email():
|
|||
hmac.new('1234',
|
||||
query,
|
||||
hashlib.sha1).digest()))
|
||||
output = visit_page('/user?%s&signature=%s' % (query, signature))
|
||||
content = ''.join(output.generate_body_chunks())
|
||||
result = json.loads(content)
|
||||
assert result['err_desc'] == 'missing email or NameID fields'
|
||||
output = get_app().get('/user?%s&signature=%s' % (query, signature), status=403)
|
||||
assert output.json['err_desc'] == 'missing email or NameID fields'
|
||||
|
||||
def test_get_user_from_api_query_string_error_success_sha1():
|
||||
timestamp = datetime.datetime.utcnow().isoformat()[:19] + 'Z'
|
||||
|
@ -136,10 +108,8 @@ def test_get_user_from_api_query_string_error_success_sha1():
|
|||
hmac.new('1234',
|
||||
query,
|
||||
hashlib.sha1).digest()))
|
||||
output = visit_page('/user?%s&signature=%s' % (query, signature))
|
||||
content = ''.join(output.generate_body_chunks())
|
||||
result = json.loads(content)
|
||||
assert result['user_display_name'] == u'Jean Darmette'
|
||||
output = get_app().get('/user?%s&signature=%s' % (query, signature))
|
||||
assert output.json['user_display_name'] == u'Jean Darmette'
|
||||
|
||||
def test_get_user_from_api_query_string_error_invalid_signature_algo_mismatch():
|
||||
timestamp = datetime.datetime.utcnow().isoformat()[:19] + 'Z'
|
||||
|
@ -149,10 +119,8 @@ def test_get_user_from_api_query_string_error_invalid_signature_algo_mismatch():
|
|||
hmac.new('1234',
|
||||
query,
|
||||
hashlib.sha1).digest()))
|
||||
output = visit_page('/user?%s&signature=%s' % (query, signature))
|
||||
content = ''.join(output.generate_body_chunks())
|
||||
result = json.loads(content)
|
||||
assert result['err_desc'] == 'invalid signature'
|
||||
output = get_app().get('/user?%s&signature=%s' % (query, signature), status=403)
|
||||
assert output.json['err_desc'] == 'invalid signature'
|
||||
|
||||
def test_get_user_from_api_query_string_error_success_sha256():
|
||||
timestamp = datetime.datetime.utcnow().isoformat()[:19] + 'Z'
|
||||
|
@ -162,7 +130,5 @@ def test_get_user_from_api_query_string_error_success_sha256():
|
|||
hmac.new('1234',
|
||||
query,
|
||||
hashlib.sha256).digest()))
|
||||
output = visit_page('/user?%s&signature=%s' % (query, signature))
|
||||
content = ''.join(output.generate_body_chunks())
|
||||
result = json.loads(content)
|
||||
assert result['user_display_name'] == u'Jean Darmette'
|
||||
output = get_app().get('/user?%s&signature=%s' % (query, signature))
|
||||
assert output.json['user_display_name'] == u'Jean Darmette'
|
||||
|
|
Loading…
Reference in New Issue