From 02854226543bd3349455b7ca91c24999216957c2 Mon Sep 17 00:00:00 2001 From: Kevin Glisson Date: Thu, 25 Jun 2015 13:43:42 -0700 Subject: [PATCH] Adding some structure for authenticated tests --- lemur/accounts/views.py | 2 +- lemur/auth/service.py | 3 +-- lemur/tests/conftest.py | 45 ++++++++++++++++++++++++++---------- lemur/tests/test_accounts.py | 13 +++-------- 4 files changed, 38 insertions(+), 25 deletions(-) diff --git a/lemur/accounts/views.py b/lemur/accounts/views.py index b3304af4..2729ec47 100644 --- a/lemur/accounts/views.py +++ b/lemur/accounts/views.py @@ -181,7 +181,7 @@ class Accounts(AuthenticatedResource): @marshal_items(FIELDS) def put(self, account_id): """ - .. http:post:: /accounts/1 + .. http:put:: /accounts/1 Updates an account diff --git a/lemur/auth/service.py b/lemur/auth/service.py index 0675f640..facad7c4 100644 --- a/lemur/auth/service.py +++ b/lemur/auth/service.py @@ -96,9 +96,8 @@ def login_required(f): response.status_code = 401 return response - token = request.headers.get('Authorization').split()[1] - try: + token = request.headers.get('Authorization').split()[1] payload = jwt.decode(token, current_app.config['TOKEN_SECRET']) except jwt.DecodeError: return dict(message='Token is invalid'), 403 diff --git a/lemur/tests/conftest.py b/lemur/tests/conftest.py index 135b5ca7..2d680850 100644 --- a/lemur/tests/conftest.py +++ b/lemur/tests/conftest.py @@ -1,9 +1,11 @@ import pytest +from flask import current_app + from lemur import create_app -from lemur.database import db as _db from flask.ext.sqlalchemy import SignallingSession +from flask.ext.principal import Identity, identity_changed from sqlalchemy import event @@ -45,26 +47,45 @@ def app(): ctx.pop() -@pytest.yield_fixture(scope="session") -def db(): - _db.create_all() - - yield _db - - _db.drop_all() +@pytest.yield_fixture(scope="function") +def unauth_client(app): + with app.test_client() as client: + yield client @pytest.yield_fixture(scope="function") -def session(app, db): +def auth_client(app): + with app.test_client() as client: + yield client + + +@pytest.yield_fixture(scope="function") +def admin_client(app): + with app.test_client() as client: + yield client + + + +@pytest.yield_fixture(scope="session") +def database(app): + app.db.create_all() + + yield app.db + + app.db.drop_all() + + +@pytest.yield_fixture(scope="function") +def session(database): """ Creates a new database session with (with working transaction) for test duration. """ - connection = _db.engine.connect() + connection = database.engine.connect() transaction = connection.begin() options = dict(bind=connection) - session = _db.create_scoped_session(options=options) + session = database.create_scoped_session(options=options) # then each time that SAVEPOINT ends, reopen it @event.listens_for(SignallingSession, "after_transaction_end") @@ -81,7 +102,7 @@ def session(app, db): # pushing new Flask application context for multiple-thread # tests to work - _db.session = session + database.session = session yield session diff --git a/lemur/tests/test_accounts.py b/lemur/tests/test_accounts.py index 19f5bd8d..3d1de94d 100644 --- a/lemur/tests/test_accounts.py +++ b/lemur/tests/test_accounts.py @@ -40,14 +40,7 @@ def test_unauthenticated_views(client): assert client.delete(api.url_for(Accounts, account_id=1)).status_code == 401 assert client.patch(api.url_for(Accounts, account_id=1), {}).status_code == 405 - assert client.get(api.url_for(AccountsList)).status_code == 401 - assert client.post(api.url_for(AccountsList), {}).status_code == 401 - assert client.put(api.url_for(AccountsList), {}).status_code == 405 - assert client.delete(api.url_for(AccountsList)).status_code == 405 - assert client.patch(api.url_for(Accounts), {}).status_code == 405 +VALID_TOKEN = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE0MzUyMzMzNjksInN1YiI6MSwiZXhwIjoxNTIxNTQ2OTY5fQ.1qCi0Ip7mzKbjNh0tVd3_eJOrae3rNa_9MCVdA4WtQI' - assert client.get(api.url_for(CertificateAccounts, certificate_id=1)).status_code == 401 - assert client.post(api.url_for(CertificateAccounts), {}).status_code == 405 - assert client.put(api.url_for(CertificateAccounts), {}).status_code == 405 - assert client.delete(api.url_for(CertificateAccounts)).status_code == 405 - assert client.patch(api.url_for(CertificateAccounts), {}).status_code == 405 +def test_auth_account_get(auth_client): + assert auth_client.get(api.url_for(Accounts, account_id=1), headers={'Authorization': 'Basic ' + VALID_TOKEN}).status_code == 200 \ No newline at end of file