add per user api keys to the backend (#995)
Adds in per user api keys to the backend of lemur. the basics are: - API Keys are really just JWTs with custom second length TTLs. - API Keys are provided in the exact same ways JWTs are now. - API Keys can be revoked/unrevoked at any time by their creator as well as have their TTL Change at anytime. - Users can create/view/list their own API Keys at will, and an admin role has permission to modify all api keys in the instance. Adds in support for lemur api keys to the frontend of lemur. doing this required a few changes to the backend as well, but it is now all working (maybe not the best way though, review will determine that). - fixes inconsistency in moduleauthor name I inputted during the first commit. - Allows the revoke schema to optionally allow a full api_key object. - Adds `/users/:user_id/api_keys/:api_key` and `/users/:user_id/api_keys` endpoints. - normalizes use of `userId` vs `userId` - makes `put` call respond with a JWT so the frontend can show the token on updating. - adds in the API Key views for clicking "API Keys" on the main nav. - adds in the API Key views for clicking into a users edit page. - adds tests for the API Key backend views I added.
This commit is contained in:
@ -7,7 +7,7 @@ from lemur import create_app
|
||||
from lemur.database import db as _db
|
||||
from lemur.auth.service import create_token
|
||||
|
||||
from .factories import AuthorityFactory, NotificationFactory, DestinationFactory, \
|
||||
from .factories import ApiKeyFactory, AuthorityFactory, NotificationFactory, DestinationFactory, \
|
||||
CertificateFactory, UserFactory, RoleFactory, SourceFactory, EndpointFactory, RotationPolicyFactory
|
||||
|
||||
|
||||
@ -52,8 +52,9 @@ def db(app, request):
|
||||
|
||||
UserFactory()
|
||||
r = RoleFactory(name='admin')
|
||||
UserFactory(roles=[r])
|
||||
u = UserFactory(roles=[r])
|
||||
rp = RotationPolicyFactory(name='default')
|
||||
ApiKeyFactory(user=u)
|
||||
|
||||
_db.session.commit()
|
||||
yield _db
|
||||
|
@ -16,6 +16,7 @@ from lemur.users.models import User
|
||||
from lemur.roles.models import Role
|
||||
from lemur.endpoints.models import Policy, Endpoint
|
||||
from lemur.policies.models import RotationPolicy
|
||||
from lemur.api_keys.models import ApiKey
|
||||
|
||||
from .vectors import INTERNAL_VALID_SAN_STR, PRIVATE_KEY_STR
|
||||
|
||||
@ -260,3 +261,23 @@ class EndpointFactory(BaseFactory):
|
||||
class Meta:
|
||||
"""Factory Configuration."""
|
||||
model = Endpoint
|
||||
|
||||
|
||||
class ApiKeyFactory(BaseFactory):
|
||||
"""Api Key Factory."""
|
||||
name = Sequence(lambda n: 'api_key_{0}'.format(n))
|
||||
revoked = False
|
||||
ttl = -1
|
||||
issued_at = 1
|
||||
|
||||
class Meta:
|
||||
"""Factory Configuration."""
|
||||
model = ApiKey
|
||||
|
||||
@post_generation
|
||||
def user(self, create, extracted, **kwargs):
|
||||
if not create:
|
||||
return
|
||||
|
||||
if extracted:
|
||||
self.userId = extracted.id
|
||||
|
222
lemur/tests/test_api_keys.py
Normal file
222
lemur/tests/test_api_keys.py
Normal file
@ -0,0 +1,222 @@
|
||||
import json
|
||||
import pytest
|
||||
|
||||
from lemur.api_keys.views import * # noqa
|
||||
|
||||
|
||||
from .vectors import VALID_ADMIN_API_TOKEN, VALID_ADMIN_HEADER_TOKEN, VALID_USER_HEADER_TOKEN
|
||||
|
||||
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 200),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 200),
|
||||
(VALID_ADMIN_API_TOKEN, 200),
|
||||
('', 401)
|
||||
])
|
||||
def test_api_key_list_get(client, token, status):
|
||||
assert client.get(api.url_for(ApiKeyList), headers=token).status_code == status
|
||||
|
||||
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 400),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 400),
|
||||
(VALID_ADMIN_API_TOKEN, 400),
|
||||
('', 401)
|
||||
])
|
||||
def test_api_key_list_post_invalid(client, token, status):
|
||||
assert client.post(api.url_for(ApiKeyList), data={}, headers=token).status_code == status
|
||||
|
||||
|
||||
@pytest.mark.parametrize("token,user_id,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 1, 200),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 2, 200),
|
||||
(VALID_ADMIN_API_TOKEN, 2, 200),
|
||||
('', 0, 401)
|
||||
])
|
||||
def test_api_key_list_post_valid_self(client, user_id, token, status):
|
||||
assert client.post(api.url_for(ApiKeyList), data=json.dumps({'name': 'a test token', 'userId': user_id, 'ttl': -1}), headers=token).status_code == status
|
||||
|
||||
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 403),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 200),
|
||||
(VALID_ADMIN_API_TOKEN, 200),
|
||||
('', 401)
|
||||
])
|
||||
def test_api_key_list_post_valid_no_permission(client, token, status):
|
||||
assert client.post(api.url_for(ApiKeyList), data=json.dumps({'name': 'a test token', 'userId': 2, 'ttl': -1}), headers=token).status_code == status
|
||||
|
||||
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_api_key_list_patch(client, token, status):
|
||||
assert client.patch(api.url_for(ApiKeyList), data={}, headers=token).status_code == status
|
||||
|
||||
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_api_key_list_delete(client, token, status):
|
||||
assert client.delete(api.url_for(ApiKeyList), headers=token).status_code == status
|
||||
|
||||
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 200),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 200),
|
||||
(VALID_ADMIN_API_TOKEN, 200),
|
||||
('', 401)
|
||||
])
|
||||
def test_user_api_key_list_get(client, token, status):
|
||||
assert client.get(api.url_for(ApiKeyUserList, user_id=1), headers=token).status_code == status
|
||||
|
||||
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 400),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 400),
|
||||
(VALID_ADMIN_API_TOKEN, 400),
|
||||
('', 401)
|
||||
])
|
||||
def test_user_api_key_list_post_invalid(client, token, status):
|
||||
assert client.post(api.url_for(ApiKeyUserList, user_id=1), data={}, headers=token).status_code == status
|
||||
|
||||
|
||||
@pytest.mark.parametrize("token,user_id,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 1, 200),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 2, 200),
|
||||
(VALID_ADMIN_API_TOKEN, 2, 200),
|
||||
('', 0, 401)
|
||||
])
|
||||
def test_user_api_key_list_post_valid_self(client, user_id, token, status):
|
||||
assert client.post(api.url_for(ApiKeyUserList, user_id=1), data=json.dumps({'name': 'a test token', 'userId': user_id, 'ttl': -1}), headers=token).status_code == status
|
||||
|
||||
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 403),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 200),
|
||||
(VALID_ADMIN_API_TOKEN, 200),
|
||||
('', 401)
|
||||
])
|
||||
def test_user_api_key_list_post_valid_no_permission(client, token, status):
|
||||
assert client.post(api.url_for(ApiKeyUserList, user_id=2), data=json.dumps({'name': 'a test token', 'userId': 2, 'ttl': -1}), headers=token).status_code == status
|
||||
|
||||
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_user_api_key_list_patch(client, token, status):
|
||||
assert client.patch(api.url_for(ApiKeyUserList, user_id=1), data={}, headers=token).status_code == status
|
||||
|
||||
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_user_api_key_list_delete(client, token, status):
|
||||
assert client.delete(api.url_for(ApiKeyUserList, user_id=1), headers=token).status_code == status
|
||||
|
||||
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 403),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 200),
|
||||
(VALID_ADMIN_API_TOKEN, 200),
|
||||
('', 401)
|
||||
])
|
||||
@pytest.mark.skip(reason="no way of getting an actual user onto the access key to generate a jwt")
|
||||
def test_api_key_get(client, token, status):
|
||||
assert client.get(api.url_for(ApiKeys, aid=1), headers=token).status_code == status
|
||||
|
||||
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_api_key_post(client, token, status):
|
||||
assert client.post(api.url_for(ApiKeys, aid=1), headers=token).status_code == status
|
||||
|
||||
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_api_key_patch(client, token, status):
|
||||
assert client.patch(api.url_for(ApiKeys, aid=1), headers=token).status_code == status
|
||||
|
||||
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 403),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 200),
|
||||
(VALID_ADMIN_API_TOKEN, 200),
|
||||
('', 401)
|
||||
])
|
||||
@pytest.mark.skip(reason="no way of getting an actual user onto the access key to generate a jwt")
|
||||
def test_api_key_put_permssions(client, token, status):
|
||||
assert client.put(api.url_for(ApiKeys, aid=1), data=json.dumps({'name': 'Test', 'revoked': False, 'ttl': -1}), headers=token).status_code == status
|
||||
|
||||
|
||||
# This test works while the other doesn't because the schema allows user id to be null.
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 403),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 200),
|
||||
(VALID_ADMIN_API_TOKEN, 200),
|
||||
('', 401)
|
||||
])
|
||||
def test_api_key_described_get(client, token, status):
|
||||
assert client.get(api.url_for(ApiKeysDescribed, aid=1), headers=token).status_code == status
|
||||
|
||||
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 200),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 200),
|
||||
(VALID_ADMIN_API_TOKEN, 200),
|
||||
('', 401)
|
||||
])
|
||||
@pytest.mark.skip(reason="no way of getting an actual user onto the access key to generate a jwt")
|
||||
def test_user_api_key_get(client, token, status):
|
||||
assert client.get(api.url_for(UserApiKeys, uid=1, aid=1), headers=token).status_code == status
|
||||
|
||||
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_user_api_key_post(client, token, status):
|
||||
assert client.post(api.url_for(UserApiKeys, uid=2, aid=1), data={}, headers=token).status_code == status
|
||||
|
||||
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_user_api_key_patch(client, token, status):
|
||||
assert client.patch(api.url_for(UserApiKeys, uid=2, aid=1), data={}, headers=token).status_code == status
|
||||
|
||||
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 403),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 200),
|
||||
(VALID_ADMIN_API_TOKEN, 200),
|
||||
('', 401)
|
||||
])
|
||||
@pytest.mark.skip(reason="no way of getting an actual user onto the access key to generate a jwt")
|
||||
def test_user_api_key_put_permssions(client, token, status):
|
||||
assert client.put(api.url_for(UserApiKeys, uid=2, aid=1), data=json.dumps({'name': 'Test', 'revoked': False, 'ttl': -1}), headers=token).status_code == status
|
@ -4,7 +4,7 @@ import pytest
|
||||
|
||||
from lemur.authorities.views import * # noqa
|
||||
from lemur.tests.factories import AuthorityFactory, RoleFactory
|
||||
from lemur.tests.vectors import VALID_ADMIN_HEADER_TOKEN, VALID_USER_HEADER_TOKEN
|
||||
from lemur.tests.vectors import VALID_ADMIN_API_TOKEN, VALID_ADMIN_HEADER_TOKEN, VALID_USER_HEADER_TOKEN
|
||||
|
||||
|
||||
def test_authority_input_schema(client, role, issuer_plugin, logged_in_user):
|
||||
@ -47,7 +47,8 @@ def test_create_authority(issuer_plugin, user):
|
||||
|
||||
@pytest.mark.parametrize("token, count", [
|
||||
(VALID_USER_HEADER_TOKEN, 0),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 3)
|
||||
(VALID_ADMIN_HEADER_TOKEN, 3),
|
||||
(VALID_ADMIN_API_TOKEN, 3),
|
||||
])
|
||||
def test_admin_authority(client, authority, issuer_plugin, token, count):
|
||||
assert client.get(api.url_for(AuthoritiesList), headers=token).json['total'] == count
|
||||
@ -56,6 +57,7 @@ def test_admin_authority(client, authority, issuer_plugin, token, count):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 200),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 200),
|
||||
(VALID_ADMIN_API_TOKEN, 200),
|
||||
('', 401)
|
||||
])
|
||||
def test_authority_get(client, token, status):
|
||||
@ -65,6 +67,7 @@ def test_authority_get(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_authority_post(client, token, status):
|
||||
@ -74,6 +77,7 @@ def test_authority_post(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 400),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 400),
|
||||
(VALID_ADMIN_API_TOKEN, 400),
|
||||
('', 401)
|
||||
])
|
||||
def test_authority_put(client, token, status):
|
||||
@ -83,6 +87,7 @@ def test_authority_put(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_authority_delete(client, token, status):
|
||||
@ -92,6 +97,7 @@ def test_authority_delete(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_authority_patch(client, token, status):
|
||||
@ -101,6 +107,7 @@ def test_authority_patch(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 200),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 200),
|
||||
(VALID_ADMIN_API_TOKEN, 200),
|
||||
('', 401)
|
||||
])
|
||||
def test_authorities_get(client, token, status):
|
||||
@ -110,6 +117,7 @@ def test_authorities_get(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 400),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 400),
|
||||
(VALID_ADMIN_API_TOKEN, 400),
|
||||
('', 401)
|
||||
])
|
||||
def test_authorities_post(client, token, status):
|
||||
@ -119,6 +127,7 @@ def test_authorities_post(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_authorities_put(client, token, status):
|
||||
@ -128,6 +137,7 @@ def test_authorities_put(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_authorities_delete(client, token, status):
|
||||
@ -137,6 +147,7 @@ def test_authorities_delete(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_authorities_patch(client, token, status):
|
||||
@ -146,6 +157,7 @@ def test_authorities_patch(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 200),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 200),
|
||||
(VALID_ADMIN_API_TOKEN, 200),
|
||||
('', 401)
|
||||
])
|
||||
def test_certificate_authorities_get(client, token, status):
|
||||
@ -155,6 +167,7 @@ def test_certificate_authorities_get(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 400),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 400),
|
||||
(VALID_ADMIN_API_TOKEN, 400),
|
||||
('', 401)
|
||||
])
|
||||
def test_certificate_authorities_post(client, token, status):
|
||||
@ -164,6 +177,7 @@ def test_certificate_authorities_post(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_certificate_authorities_put(client, token, status):
|
||||
@ -173,6 +187,7 @@ def test_certificate_authorities_put(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_certificate_authorities_delete(client, token, status):
|
||||
@ -182,6 +197,7 @@ def test_certificate_authorities_delete(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_certificate_authorities_patch(client, token, status):
|
||||
|
@ -15,7 +15,7 @@ from lemur.certificates.views import * # noqa
|
||||
from lemur.domains.models import Domain
|
||||
|
||||
|
||||
from lemur.tests.vectors import VALID_ADMIN_HEADER_TOKEN, VALID_USER_HEADER_TOKEN, CSR_STR, \
|
||||
from lemur.tests.vectors import VALID_ADMIN_API_TOKEN, VALID_ADMIN_HEADER_TOKEN, VALID_USER_HEADER_TOKEN, CSR_STR, \
|
||||
INTERNAL_VALID_LONG_STR, INTERNAL_VALID_SAN_STR, PRIVATE_KEY_STR
|
||||
|
||||
|
||||
@ -506,6 +506,7 @@ def test_upload_private_key_str(user):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 200),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 200),
|
||||
(VALID_ADMIN_API_TOKEN, 200),
|
||||
('', 401)
|
||||
])
|
||||
def test_certificate_get_private_key(client, token, status):
|
||||
@ -515,6 +516,7 @@ def test_certificate_get_private_key(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 200),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 200),
|
||||
(VALID_ADMIN_API_TOKEN, 200),
|
||||
('', 401)
|
||||
])
|
||||
def test_certificate_get(client, token, status):
|
||||
@ -530,6 +532,7 @@ def test_certificate_get_body(client):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_certificate_post(client, token, status):
|
||||
@ -539,6 +542,7 @@ def test_certificate_post(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 400),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 400),
|
||||
(VALID_ADMIN_API_TOKEN, 400),
|
||||
('', 401)
|
||||
])
|
||||
def test_certificate_put(client, token, status):
|
||||
@ -553,6 +557,7 @@ def test_certificate_put_with_data(client, certificate, issuer_plugin):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_certificate_delete(client, token, status):
|
||||
@ -562,6 +567,7 @@ def test_certificate_delete(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_certificate_patch(client, token, status):
|
||||
@ -571,6 +577,7 @@ def test_certificate_patch(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 200),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 200),
|
||||
(VALID_ADMIN_API_TOKEN, 200),
|
||||
('', 401)
|
||||
])
|
||||
def test_certificates_get(client, token, status):
|
||||
@ -580,6 +587,7 @@ def test_certificates_get(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 400),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 400),
|
||||
(VALID_ADMIN_API_TOKEN, 400),
|
||||
('', 401)
|
||||
])
|
||||
def test_certificates_post(client, token, status):
|
||||
@ -589,6 +597,7 @@ def test_certificates_post(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_certificates_put(client, token, status):
|
||||
@ -598,6 +607,7 @@ def test_certificates_put(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_certificates_delete(client, token, status):
|
||||
@ -607,6 +617,7 @@ def test_certificates_delete(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_certificates_patch(client, token, status):
|
||||
@ -616,6 +627,7 @@ def test_certificates_patch(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_certificate_credentials_post(client, token, status):
|
||||
@ -625,6 +637,7 @@ def test_certificate_credentials_post(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_certificate_credentials_put(client, token, status):
|
||||
@ -634,6 +647,7 @@ def test_certificate_credentials_put(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_certificate_credentials_delete(client, token, status):
|
||||
@ -643,6 +657,7 @@ def test_certificate_credentials_delete(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_certificate_credentials_patch(client, token, status):
|
||||
@ -652,6 +667,7 @@ def test_certificate_credentials_patch(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_certificates_upload_get(client, token, status):
|
||||
@ -661,6 +677,7 @@ def test_certificates_upload_get(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 400),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 400),
|
||||
(VALID_ADMIN_API_TOKEN, 400),
|
||||
('', 401)
|
||||
])
|
||||
def test_certificates_upload_post(client, token, status):
|
||||
@ -670,6 +687,7 @@ def test_certificates_upload_post(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_certificates_upload_put(client, token, status):
|
||||
@ -679,6 +697,7 @@ def test_certificates_upload_put(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_certificates_upload_delete(client, token, status):
|
||||
@ -688,6 +707,7 @@ def test_certificates_upload_delete(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_certificates_upload_patch(client, token, status):
|
||||
|
@ -3,7 +3,7 @@ import pytest
|
||||
from lemur.destinations.views import * # noqa
|
||||
|
||||
|
||||
from .vectors import VALID_ADMIN_HEADER_TOKEN, VALID_USER_HEADER_TOKEN
|
||||
from .vectors import VALID_ADMIN_API_TOKEN, VALID_ADMIN_HEADER_TOKEN, VALID_USER_HEADER_TOKEN
|
||||
|
||||
|
||||
def test_destination_input_schema(client, destination_plugin, destination):
|
||||
@ -27,6 +27,7 @@ def test_destination_input_schema(client, destination_plugin, destination):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 404),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 404),
|
||||
(VALID_ADMIN_API_TOKEN, 404),
|
||||
('', 401)
|
||||
])
|
||||
def test_destination_get(client, token, status):
|
||||
@ -36,6 +37,7 @@ def test_destination_get(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_destination_post_(client, token, status):
|
||||
@ -45,6 +47,7 @@ def test_destination_post_(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 403),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 400),
|
||||
(VALID_ADMIN_API_TOKEN, 400),
|
||||
('', 401)
|
||||
])
|
||||
def test_destination_put(client, token, status):
|
||||
@ -54,6 +57,7 @@ def test_destination_put(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 403),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 200),
|
||||
(VALID_ADMIN_API_TOKEN, 200),
|
||||
('', 401)
|
||||
])
|
||||
def test_destination_delete(client, token, status):
|
||||
@ -63,6 +67,7 @@ def test_destination_delete(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_destination_patch(client, token, status):
|
||||
@ -72,6 +77,7 @@ def test_destination_patch(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 403),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 400),
|
||||
(VALID_ADMIN_API_TOKEN, 400),
|
||||
('', 401)
|
||||
])
|
||||
def test_destination_list_post_(client, token, status):
|
||||
@ -81,6 +87,7 @@ def test_destination_list_post_(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 200),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 200),
|
||||
(VALID_ADMIN_API_TOKEN, 200),
|
||||
('', 401)
|
||||
])
|
||||
def test_destination_list_get(client, token, status):
|
||||
@ -90,6 +97,7 @@ def test_destination_list_get(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_destination_list_delete(client, token, status):
|
||||
@ -99,6 +107,7 @@ def test_destination_list_delete(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_destination_list_patch(client, token, status):
|
||||
|
@ -3,12 +3,13 @@ import pytest
|
||||
from lemur.domains.views import * # noqa
|
||||
|
||||
|
||||
from .vectors import VALID_ADMIN_HEADER_TOKEN, VALID_USER_HEADER_TOKEN
|
||||
from .vectors import VALID_ADMIN_API_TOKEN, VALID_ADMIN_HEADER_TOKEN, VALID_USER_HEADER_TOKEN
|
||||
|
||||
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 200),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 200),
|
||||
(VALID_ADMIN_API_TOKEN, 200),
|
||||
('', 401)
|
||||
])
|
||||
def test_domain_get(client, token, status):
|
||||
@ -18,6 +19,7 @@ def test_domain_get(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_domain_post_(client, token, status):
|
||||
@ -27,6 +29,7 @@ def test_domain_post_(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 400),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 400),
|
||||
(VALID_ADMIN_API_TOKEN, 400),
|
||||
('', 401)
|
||||
])
|
||||
def test_domain_put(client, token, status):
|
||||
@ -36,6 +39,7 @@ def test_domain_put(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_domain_delete(client, token, status):
|
||||
@ -45,6 +49,7 @@ def test_domain_delete(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_domain_patch(client, token, status):
|
||||
@ -54,6 +59,7 @@ def test_domain_patch(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 400),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 400),
|
||||
(VALID_ADMIN_API_TOKEN, 400),
|
||||
('', 401)
|
||||
])
|
||||
def test_domain_list_post_(client, token, status):
|
||||
@ -63,6 +69,7 @@ def test_domain_list_post_(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 200),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 200),
|
||||
(VALID_ADMIN_API_TOKEN, 200),
|
||||
('', 401)
|
||||
])
|
||||
def test_domain_list_get(client, token, status):
|
||||
@ -72,6 +79,7 @@ def test_domain_list_get(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_domain_list_delete(client, token, status):
|
||||
@ -81,6 +89,7 @@ def test_domain_list_delete(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_domain_list_patch(client, token, status):
|
||||
|
@ -4,7 +4,7 @@ from lemur.endpoints.views import * # noqa
|
||||
from lemur.tests.factories import EndpointFactory, CertificateFactory
|
||||
|
||||
|
||||
from .vectors import VALID_ADMIN_HEADER_TOKEN, VALID_USER_HEADER_TOKEN
|
||||
from .vectors import VALID_ADMIN_API_TOKEN, VALID_ADMIN_HEADER_TOKEN, VALID_USER_HEADER_TOKEN
|
||||
|
||||
|
||||
def test_rotate_certificate(client, source_plugin):
|
||||
@ -19,6 +19,7 @@ def test_rotate_certificate(client, source_plugin):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 404),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 404),
|
||||
(VALID_ADMIN_API_TOKEN, 404),
|
||||
('', 401)
|
||||
])
|
||||
def test_endpoint_get(client, token, status):
|
||||
@ -28,6 +29,7 @@ def test_endpoint_get(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_endpoint_post_(client, token, status):
|
||||
@ -37,6 +39,7 @@ def test_endpoint_post_(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_endpoint_put(client, token, status):
|
||||
@ -46,6 +49,7 @@ def test_endpoint_put(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_endpoint_delete(client, token, status):
|
||||
@ -55,6 +59,7 @@ def test_endpoint_delete(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_endpoint_patch(client, token, status):
|
||||
@ -64,6 +69,7 @@ def test_endpoint_patch(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_endpoint_list_post_(client, token, status):
|
||||
@ -73,6 +79,7 @@ def test_endpoint_list_post_(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 200),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 200),
|
||||
(VALID_ADMIN_API_TOKEN, 200),
|
||||
('', 401)
|
||||
])
|
||||
def test_endpoint_list_get(client, token, status):
|
||||
@ -82,6 +89,7 @@ def test_endpoint_list_get(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_endpoint_list_delete(client, token, status):
|
||||
@ -91,6 +99,7 @@ def test_endpoint_list_delete(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_endpoint_list_patch(client, token, status):
|
||||
|
@ -1,5 +1,5 @@
|
||||
import pytest
|
||||
from lemur.tests.vectors import VALID_ADMIN_HEADER_TOKEN, VALID_USER_HEADER_TOKEN
|
||||
from lemur.tests.vectors import VALID_ADMIN_API_TOKEN, VALID_ADMIN_HEADER_TOKEN, VALID_USER_HEADER_TOKEN
|
||||
|
||||
from lemur.logs.views import * # noqa
|
||||
|
||||
@ -14,6 +14,7 @@ def test_private_key_audit(client, certificate):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 200),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 200),
|
||||
(VALID_ADMIN_API_TOKEN, 200),
|
||||
('', 401)
|
||||
])
|
||||
def test_get_logs(client, token, status):
|
||||
|
@ -3,7 +3,7 @@ import pytest
|
||||
from lemur.notifications.views import * # noqa
|
||||
|
||||
|
||||
from .vectors import VALID_ADMIN_HEADER_TOKEN, VALID_USER_HEADER_TOKEN
|
||||
from .vectors import VALID_ADMIN_API_TOKEN, VALID_ADMIN_HEADER_TOKEN, VALID_USER_HEADER_TOKEN
|
||||
|
||||
|
||||
def test_notification_input_schema(client, notification_plugin, notification):
|
||||
@ -27,6 +27,7 @@ def test_notification_input_schema(client, notification_plugin, notification):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 200),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 200),
|
||||
(VALID_ADMIN_API_TOKEN, 200),
|
||||
('', 401)
|
||||
])
|
||||
def test_notification_get(client, notification_plugin, notification, token, status):
|
||||
@ -36,6 +37,7 @@ def test_notification_get(client, notification_plugin, notification, token, stat
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_notification_post_(client, token, status):
|
||||
@ -45,6 +47,7 @@ def test_notification_post_(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 400),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 400),
|
||||
(VALID_ADMIN_API_TOKEN, 400),
|
||||
('', 401)
|
||||
])
|
||||
def test_notification_put(client, token, status):
|
||||
@ -54,6 +57,7 @@ def test_notification_put(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 200),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 200),
|
||||
(VALID_ADMIN_API_TOKEN, 200),
|
||||
('', 401)
|
||||
])
|
||||
def test_notification_delete(client, token, status):
|
||||
@ -63,6 +67,7 @@ def test_notification_delete(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_notification_patch(client, token, status):
|
||||
@ -72,6 +77,7 @@ def test_notification_patch(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 400),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 400),
|
||||
(VALID_ADMIN_API_TOKEN, 400),
|
||||
('', 401)
|
||||
])
|
||||
def test_notification_list_post_(client, token, status):
|
||||
@ -81,6 +87,7 @@ def test_notification_list_post_(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 200),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 200),
|
||||
(VALID_ADMIN_API_TOKEN, 200),
|
||||
('', 401)
|
||||
])
|
||||
def test_notification_list_get(client, notification_plugin, notification, token, status):
|
||||
@ -90,6 +97,7 @@ def test_notification_list_get(client, notification_plugin, notification, token,
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_notification_list_delete(client, token, status):
|
||||
@ -99,6 +107,7 @@ def test_notification_list_delete(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_notification_list_patch(client, token, status):
|
||||
|
@ -4,7 +4,7 @@ import pytest
|
||||
|
||||
from lemur.roles.views import * # noqa
|
||||
from lemur.tests.factories import RoleFactory, AuthorityFactory, CertificateFactory, UserFactory
|
||||
from .vectors import VALID_ADMIN_HEADER_TOKEN, VALID_USER_HEADER_TOKEN
|
||||
from .vectors import VALID_ADMIN_API_TOKEN, VALID_ADMIN_HEADER_TOKEN, VALID_USER_HEADER_TOKEN
|
||||
|
||||
|
||||
def test_role_input_schema(client):
|
||||
@ -41,6 +41,7 @@ def test_multiple_authority_certificate_association(session, client):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 403),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 200),
|
||||
(VALID_ADMIN_API_TOKEN, 200),
|
||||
('', 401)
|
||||
])
|
||||
def test_role_get(client, token, status):
|
||||
@ -50,6 +51,7 @@ def test_role_get(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_role_post_(client, token, status):
|
||||
@ -59,6 +61,7 @@ def test_role_post_(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 400),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 400),
|
||||
(VALID_ADMIN_API_TOKEN, 400),
|
||||
('', 401)
|
||||
])
|
||||
def test_role_put(client, token, status):
|
||||
@ -68,6 +71,7 @@ def test_role_put(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 403),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 200),
|
||||
(VALID_ADMIN_API_TOKEN, 200),
|
||||
('', 401)
|
||||
])
|
||||
def test_role_put_with_data(client, session, token, status):
|
||||
@ -115,6 +119,7 @@ def test_role_put_with_data_and_user(client, session):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 403),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 200),
|
||||
(VALID_ADMIN_API_TOKEN, 200),
|
||||
('', 401)
|
||||
])
|
||||
def test_role_delete(client, token, status, role):
|
||||
@ -124,6 +129,7 @@ def test_role_delete(client, token, status, role):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_role_patch(client, token, status):
|
||||
@ -133,6 +139,7 @@ def test_role_patch(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 403),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 400),
|
||||
(VALID_ADMIN_API_TOKEN, 400),
|
||||
('', 401)
|
||||
])
|
||||
def test_role_list_post_(client, token, status):
|
||||
@ -142,6 +149,7 @@ def test_role_list_post_(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 200),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 200),
|
||||
(VALID_ADMIN_API_TOKEN, 200),
|
||||
('', 401)
|
||||
])
|
||||
def test_role_list_get(client, token, status):
|
||||
@ -151,6 +159,7 @@ def test_role_list_get(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_role_list_delete(client, token, status):
|
||||
@ -160,6 +169,7 @@ def test_role_list_delete(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_role_list_patch(client, token, status):
|
||||
|
@ -2,7 +2,7 @@ import pytest
|
||||
|
||||
from lemur.sources.views import * # noqa
|
||||
|
||||
from .vectors import VALID_ADMIN_HEADER_TOKEN, VALID_USER_HEADER_TOKEN, INTERNAL_PRIVATE_KEY_A_STR, INTERNAL_VALID_WILDCARD_STR
|
||||
from .vectors import VALID_ADMIN_API_TOKEN, VALID_ADMIN_HEADER_TOKEN, VALID_USER_HEADER_TOKEN, INTERNAL_PRIVATE_KEY_A_STR, INTERNAL_VALID_WILDCARD_STR
|
||||
|
||||
|
||||
def validate_source_schema(client):
|
||||
@ -38,6 +38,7 @@ def test_create_certificate(user, source):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 404),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 404),
|
||||
(VALID_ADMIN_API_TOKEN, 404),
|
||||
('', 401)
|
||||
])
|
||||
def test_source_get(client, source_plugin, token, status):
|
||||
@ -47,6 +48,7 @@ def test_source_get(client, source_plugin, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_source_post_(client, token, status):
|
||||
@ -56,6 +58,7 @@ def test_source_post_(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 403),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 400),
|
||||
(VALID_ADMIN_API_TOKEN, 400),
|
||||
('', 401)
|
||||
])
|
||||
def test_source_put(client, token, status):
|
||||
@ -65,6 +68,7 @@ def test_source_put(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 403),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 200),
|
||||
(VALID_ADMIN_API_TOKEN, 200),
|
||||
('', 401)
|
||||
])
|
||||
def test_source_delete(client, token, status):
|
||||
@ -74,6 +78,7 @@ def test_source_delete(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_source_patch(client, token, status):
|
||||
@ -83,6 +88,7 @@ def test_source_patch(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 200),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 200),
|
||||
(VALID_ADMIN_API_TOKEN, 200),
|
||||
('', 401)
|
||||
])
|
||||
def test_sources_list_get(client, source_plugin, token, status):
|
||||
@ -92,6 +98,7 @@ def test_sources_list_get(client, source_plugin, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 403),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 400),
|
||||
(VALID_ADMIN_API_TOKEN, 400),
|
||||
('', 401)
|
||||
])
|
||||
def test_sources_list_post(client, token, status):
|
||||
@ -101,6 +108,7 @@ def test_sources_list_post(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_sources_list_put(client, token, status):
|
||||
@ -110,6 +118,7 @@ def test_sources_list_put(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_sources_list_delete(client, token, status):
|
||||
@ -119,6 +128,7 @@ def test_sources_list_delete(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_sources_list_patch(client, token, status):
|
||||
|
@ -4,7 +4,7 @@ import pytest
|
||||
|
||||
from lemur.tests.factories import UserFactory, RoleFactory
|
||||
from lemur.users.views import * # noqa
|
||||
from .vectors import VALID_ADMIN_HEADER_TOKEN, VALID_USER_HEADER_TOKEN
|
||||
from .vectors import VALID_ADMIN_API_TOKEN, VALID_ADMIN_HEADER_TOKEN, VALID_USER_HEADER_TOKEN
|
||||
|
||||
|
||||
def test_user_input_schema(client):
|
||||
@ -24,6 +24,7 @@ def test_user_input_schema(client):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 200),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 200),
|
||||
(VALID_ADMIN_API_TOKEN, 200),
|
||||
('', 401)
|
||||
])
|
||||
def test_user_get(client, token, status):
|
||||
@ -33,6 +34,7 @@ def test_user_get(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_user_post_(client, token, status):
|
||||
@ -42,6 +44,7 @@ def test_user_post_(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 403),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 400),
|
||||
(VALID_ADMIN_API_TOKEN, 400),
|
||||
('', 401)
|
||||
])
|
||||
def test_user_put(client, token, status):
|
||||
@ -51,6 +54,7 @@ def test_user_put(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_user_delete(client, token, status):
|
||||
@ -60,6 +64,7 @@ def test_user_delete(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_user_patch(client, token, status):
|
||||
@ -69,6 +74,7 @@ def test_user_patch(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 403),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 400),
|
||||
(VALID_ADMIN_API_TOKEN, 400),
|
||||
('', 401)
|
||||
])
|
||||
def test_user_list_post_(client, token, status):
|
||||
@ -78,6 +84,7 @@ def test_user_list_post_(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 200),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 200),
|
||||
(VALID_ADMIN_API_TOKEN, 200),
|
||||
('', 401)
|
||||
])
|
||||
def test_user_list_get(client, token, status):
|
||||
@ -87,6 +94,7 @@ def test_user_list_get(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_user_list_delete(client, token, status):
|
||||
@ -96,6 +104,7 @@ def test_user_list_delete(client, token, status):
|
||||
@pytest.mark.parametrize("token,status", [
|
||||
(VALID_USER_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_HEADER_TOKEN, 405),
|
||||
(VALID_ADMIN_API_TOKEN, 405),
|
||||
('', 405)
|
||||
])
|
||||
def test_user_list_patch(client, token, status):
|
||||
|
@ -12,6 +12,12 @@ VALID_ADMIN_HEADER_TOKEN = {
|
||||
}
|
||||
|
||||
|
||||
VALID_ADMIN_API_TOKEN = {
|
||||
'Authorization': 'Basic ' + 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOjIsImFpZCI6MSwiaWF0IjoxNDM1MjMzMzY5fQ.umW0I_oh4MVZ2qrClzj9SfYnQl6cd0HGzh9EwkDW60I',
|
||||
'Content-Type': 'application/json'
|
||||
}
|
||||
|
||||
|
||||
INTERNAL_VALID_LONG_STR = """
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIID1zCCAr+gAwIBAgIBATANBgkqhkiG9w0BAQsFADCBjDELMAkGA1UEBhMCVVMx
|
||||
|
Reference in New Issue
Block a user