From c6ae689dc8d760279d92dae6d071fdb60914217c Mon Sep 17 00:00:00 2001 From: Kevin Glisson Date: Fri, 26 Jun 2015 10:31:55 -0700 Subject: [PATCH] Adding role tests --- lemur/certificates/views.py | 2 +- lemur/tests/conftest.py | 22 +-- lemur/tests/test_accounts.py | 28 ++-- lemur/tests/test_domains.py | 28 ++-- lemur/tests/test_roles.py | 311 +++++++++++++++++++++++++++++++++++ 5 files changed, 346 insertions(+), 45 deletions(-) create mode 100644 lemur/tests/test_roles.py diff --git a/lemur/certificates/views.py b/lemur/certificates/views.py index 3de200d5..4bc317f1 100644 --- a/lemur/certificates/views.py +++ b/lemur/certificates/views.py @@ -90,7 +90,7 @@ def private_key_str(value, name): :return: :raise ValueError: """ try: - serialization.load_pem_private_key(str(value), backend=default_backend()) + serialization.load_pem_private_key(str(value), None, backend=default_backend()) except Exception as e: raise ValueError("The parameter '{0}' needs to be a valid RSA private key".format(name)) return value diff --git a/lemur/tests/conftest.py b/lemur/tests/conftest.py index 254a7e27..50bfd144 100644 --- a/lemur/tests/conftest.py +++ b/lemur/tests/conftest.py @@ -35,6 +35,7 @@ def app(): """ app = create_app() app.config['TESTING'] = True + app.config['LEMUR_ENCRYPTION_KEY'] = 'test' ctx = app.app_context() ctx.push() @@ -52,10 +53,12 @@ def db(app, request): _db.app = app + user = user_service.create('user', 'test', 'user@example.com', True, None, []) + admin_role = role_service.create('admin') + admin = user_service.create('admin', 'admin', 'admin@example.com', True, None, [admin_role]) + _db.session.commit() yield _db - _db.drop_all() - @pytest.yield_fixture(scope="function") def session(db, request): 
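Review bot: The `except Exception as e` around the patched `load_pem_private_key` call in `private_key_str` is broad enough that the previous call, which lacked the password argument, presumably failed on every input and still surfaced as "needs to be a valid RSA private key". With `None` as the password, an encrypted PEM is reported with that same message, and a non-RSA private key that parses would be accepted despite the wording. If only RSA keys are meant to pass, bind the result with `key = serialization.load_pem_private_key(str(value), None, backend=default_backend())` and add `if not isinstance(key, rsa.RSAPrivateKey): raise ValueError(...)`, then narrow the handler to the exceptions the loader raises. The function starts above the hunk, so its imports and callers are not visible here.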
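Review bot: Removing `_db.drop_all()` after `yield _db` leaves the seeded `user` and `admin` rows, created with literal second arguments `'test'` and `'admin'` (presumably passwords), in whatever database the test configuration points at once the session ends. Unless the part of the `db` fixture above this hunk drops the tables before creating them, a second run would either collide with the existing rows or give the new users different ids. I would keep the teardown (`yield _db` followed by `_db.drop_all()`). I would also add a comment that the creation order fixes the user at id 1 and the admin at id 2, which the hard-coded tokens in the test modules appear to rely on.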
@@ -68,21 +71,8 @@ def session(db, request): db.session.rollback() -@pytest.yield_fixture(scope="session") -def default_user(db): - user = user_service.create('user', 'test', 'user@example.com', True, None, []) - yield user - - -@pytest.yield_fixture(scope="session") -def admin_user(db): - admin_role = role_service.create('admin') - admin = user_service.create('admin', 'admin', 'admin@example.com', True, None, [admin_role]) - yield admin - - @pytest.yield_fixture(scope="function") -def client(app): +def client(app, session): with app.test_client() as client: yield client diff --git a/lemur/tests/test_accounts.py b/lemur/tests/test_accounts.py index 08239afb..2712947c 100644 --- a/lemur/tests/test_accounts.py +++ b/lemur/tests/test_accounts.py 
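Review bot: `client` now takes `session` but never uses it in the body, so the dependency reads like a leftover parameter. The context lines show the `session` fixture ending with `db.session.rollback()`, so the intent is presumably that every client test is rolled back afterwards. A one-line comment above the `with`, such as `# session is requested only for its rollback on teardown`, would make that explicit.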
@@ -40,46 +40,46 @@ def test_account_patch(client): VALID_USER_HEADER_TOKEN = { 'Authorization': 'Basic ' + 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE0MzUyMzMzNjksInN1YiI6MSwiZXhwIjoxNTIxNTQ2OTY5fQ.1qCi0Ip7mzKbjNh0tVd3_eJOrae3rNa_9MCVdA4WtQI'} -def test_auth_account_get(client, default_user): +def test_auth_account_get(client): assert client.get(api.url_for(Accounts, account_id=1), headers=VALID_USER_HEADER_TOKEN).status_code == 200 -def test_auth_account_post_(client, default_user): +def test_auth_account_post_(client): assert client.post(api.url_for(Accounts, account_id=1), {}, headers=VALID_USER_HEADER_TOKEN).status_code == 405 -def test_auth_account_put(client, default_user): +def test_auth_account_put(client): assert client.put(api.url_for(Accounts, account_id=1), data={}, headers=VALID_USER_HEADER_TOKEN).status_code == 403 -def test_auth_account_delete(client, default_user): +def test_auth_account_delete(client): assert client.delete(api.url_for(Accounts, account_id=1), headers=VALID_USER_HEADER_TOKEN).status_code == 403 -def test_auth_account_patch(client, default_user): +def test_auth_account_patch(client): assert client.patch(api.url_for(Accounts, account_id=1), {}, headers=VALID_USER_HEADER_TOKEN).status_code == 405 VALID_ADMIN_HEADER_TOKEN = { 'Authorization': 'Basic ' + 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE0MzUyNTAyMTgsInN1YiI6MiwiZXhwIjoxNTIxNTYzODE4fQ.6mbq4-Ro6K5MmuNiTJBB153RDhlM5LGJBjI7GBKkfqA'} -def test_admin_account_get(client, admin_user): +def test_admin_account_get(client): assert client.get(api.url_for(Accounts, account_id=1), headers=VALID_ADMIN_HEADER_TOKEN).status_code == 200 -def test_admin_account_post(client, admin_user): +def test_admin_account_post(client): assert client.post(api.url_for(Accounts, account_id=1), {}, headers=VALID_ADMIN_HEADER_TOKEN).status_code == 405 -def test_admin_account_put(client, admin_user): +def test_admin_account_put(client): assert client.put(api.url_for(Accounts, account_id=1), data={}, 
headers=VALID_ADMIN_HEADER_TOKEN).status_code == 400 -def test_admin_account_delete(client, admin_user): +def test_admin_account_delete(client): assert client.delete(api.url_for(Accounts, account_id=1), headers=VALID_ADMIN_HEADER_TOKEN).status_code == 500 -def test_admin_account_patch(client, admin_user): +def test_admin_account_patch(client): assert client.patch(api.url_for(Accounts, account_id=1), {}, headers=VALID_ADMIN_HEADER_TOKEN).status_code == 405 @@ -103,21 +103,21 @@ def test_accounts_patch(client): assert client.patch(api.url_for(AccountsList), {}).status_code == 405 -def test_auth_accounts_get(client, default_user): +def test_auth_accounts_get(client): assert client.get(api.url_for(AccountsList), headers=VALID_USER_HEADER_TOKEN).status_code == 200 -def test_auth_accounts_post(client, default_user): +def test_auth_accounts_post(client): assert client.post(api.url_for(AccountsList), {}, headers=VALID_USER_HEADER_TOKEN).status_code == 403 -def test_admin_accounts_get(client, admin_user): +def test_admin_accounts_get(client): resp = client.get(api.url_for(AccountsList), headers=VALID_ADMIN_HEADER_TOKEN) assert resp.status_code == 200 assert resp.json == {'items': [], 'total': 0} -def test_admin_accounts_crud(client, admin_user): +def test_admin_accounts_crud(client): assert client.post(api.url_for(AccountsList), headers=VALID_ADMIN_HEADER_TOKEN).status_code == 400 data = {'accountNumber': 111, 'label': 'test', 'comments': 'test'} resp = client.post(api.url_for(AccountsList), data=dumps(data), content_type='application/json', headers=VALID_ADMIN_HEADER_TOKEN) diff --git a/lemur/tests/test_domains.py b/lemur/tests/test_domains.py index 2f9b1a7f..9d57f142 100644 --- a/lemur/tests/test_domains.py +++ b/lemur/tests/test_domains.py 
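Review bot: With the `default_user` and `admin_user` parameters dropped, the authenticated tests in this hunk pass only while the hard-coded tokens keep verifying, and both tokens carry a fixed expiry. Their payloads decode to `sub` 1 with `exp` 1521546969 and `sub` 2 with `exp` 1521563818, which is March 2018. After that date every test that sends these headers would presumably get an authentication failure instead of the asserted status, and the tokens also verify only against whatever signing secret the test app happens to load. The same constants are repeated in test_domains.py and in the new test_roles.py. I would build the headers in a conftest fixture at run time from the app's configured secret and the ids of the seeded users, rather than committing signed tokens.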
@@ -23,46 +23,46 @@ def test_domain_patch(client): VALID_USER_HEADER_TOKEN = { 'Authorization': 'Basic ' + 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE0MzUyMzMzNjksInN1YiI6MSwiZXhwIjoxNTIxNTQ2OTY5fQ.1qCi0Ip7mzKbjNh0tVd3_eJOrae3rNa_9MCVdA4WtQI'} -def test_auth_domain_get(client, default_user): +def test_auth_domain_get(client): assert client.get(api.url_for(Domains, domain_id=1), headers=VALID_USER_HEADER_TOKEN).status_code == 200 -def test_auth_domain_post_(client, default_user): +def test_auth_domain_post_(client): assert client.post(api.url_for(Domains, domain_id=1), {}, headers=VALID_USER_HEADER_TOKEN).status_code == 405 -def test_auth_domain_put(client, default_user): +def test_auth_domain_put(client): assert client.put(api.url_for(Domains, domain_id=1), data={}, headers=VALID_USER_HEADER_TOKEN).status_code == 405 -def test_auth_domain_delete(client, default_user): +def test_auth_domain_delete(client): assert client.delete(api.url_for(Domains, domain_id=1), headers=VALID_USER_HEADER_TOKEN).status_code == 405 -def test_auth_domain_patch(client, default_user): +def test_auth_domain_patch(client): assert client.patch(api.url_for(Domains, domain_id=1), {}, headers=VALID_USER_HEADER_TOKEN).status_code == 405 VALID_ADMIN_HEADER_TOKEN = { 'Authorization': 'Basic ' + 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE0MzUyNTAyMTgsInN1YiI6MiwiZXhwIjoxNTIxNTYzODE4fQ.6mbq4-Ro6K5MmuNiTJBB153RDhlM5LGJBjI7GBKkfqA'} -def test_admin_domain_get(client, admin_user): +def test_admin_domain_get(client): assert client.get(api.url_for(Domains, domain_id=1), headers=VALID_ADMIN_HEADER_TOKEN).status_code == 200 -def test_admin_domain_post(client, admin_user): +def test_admin_domain_post(client): assert client.post(api.url_for(Domains, domain_id=1), {}, headers=VALID_ADMIN_HEADER_TOKEN).status_code == 405 -def test_admin_domain_put(client, admin_user): +def test_admin_domain_put(client): assert client.put(api.url_for(Domains, domain_id=1), data={}, 
headers=VALID_ADMIN_HEADER_TOKEN).status_code == 405 -def test_admin_domain_delete(client, admin_user): +def test_admin_domain_delete(client): assert client.delete(api.url_for(Domains, domain_id=1), headers=VALID_ADMIN_HEADER_TOKEN).status_code == 405 -def test_admin_domain_patch(client, admin_user): +def test_admin_domain_patch(client): assert client.patch(api.url_for(Domains, domain_id=1), {}, headers=VALID_ADMIN_HEADER_TOKEN).status_code == 405 @@ -86,11 +86,11 @@ def test_domains_patch(client): assert client.patch(api.url_for(DomainsList), {}).status_code == 405 -def test_auth_domains_get(client, default_user): +def test_auth_domains_get(client): assert client.get(api.url_for(DomainsList), headers=VALID_USER_HEADER_TOKEN).status_code == 200 -def test_admin_domains_get(client, admin_user): +def test_admin_domains_get(client): resp = client.get(api.url_for(DomainsList), headers=VALID_ADMIN_HEADER_TOKEN) assert resp.status_code == 200 assert resp.json == {'items': [], 'total': 0} @@ -116,8 +116,8 @@ def test_certificate_domains_patch(client): assert client.patch(api.url_for(CertificateDomains, certificate_id=1), {}).status_code == 405 -def test_auth_certificate_domains_get(client, default_user): +def test_auth_certificate_domains_get(client): assert client.get(api.url_for(CertificateDomains, certificate_id=1), headers=VALID_USER_HEADER_TOKEN).status_code == 200 -def test_admin_certificate_domains_get(client, admin_user): +def test_admin_certificate_domains_get(client): assert client.get(api.url_for(CertificateDomains, certificate_id=1), headers=VALID_ADMIN_HEADER_TOKEN).status_code == 200 diff --git a/lemur/tests/test_roles.py b/lemur/tests/test_roles.py new file mode 100644 index 00000000..b40e0772 --- /dev/null +++ b/lemur/tests/test_roles.py 
@@ -0,0 +1,311 @@ +from json import dumps +from lemur.roles.service import * +from lemur.roles.views import * + + +def test_crud(session): + role = create('role1') + assert role.id > 0 + + role = update(role.id, 'role_new', None, []) + assert role.name == 'role_new' + delete(role.id) + assert get(role.id) == None + + +def test_role_get(client): + assert client.get(api.url_for(Roles, role_id=1)).status_code == 401 + + +def test_role_post(client): + assert client.post(api.url_for(Roles, role_id=1), {}).status_code == 405 + + +def test_role_put(client): + assert client.put(api.url_for(Roles, role_id=1), {}).status_code == 401 + + +def test_role_delete(client): + assert client.delete(api.url_for(Roles, role_id=1)).status_code == 401 + + +def test_role_patch(client): + assert client.patch(api.url_for(Roles, role_id=1), {}).status_code == 405 + + +def test_roles_get(client): + assert client.get(api.url_for(RolesList)).status_code == 401 + + +def test_roles_post(client): + assert client.post(api.url_for(RolesList), {}).status_code == 401 + + +def test_roles_put(client): + assert client.put(api.url_for(RolesList), {}).status_code == 405 + + +def test_roles_delete(client): + assert client.delete(api.url_for(RolesList)).status_code == 405 + + +def test_roles_patch(client): + assert client.patch(api.url_for(RolesList), {}).status_code == 405 + + +def test_role_credentials_get(client): + assert client.get(api.url_for(RoleViewCredentials, role_id=1)).status_code == 401 + + +def test_role_credentials_post(client): + assert client.post(api.url_for(RoleViewCredentials, role_id=1), {}).status_code == 405 + + +def test_role_credentials_put(client): + assert client.put(api.url_for(RoleViewCredentials, role_id=1), {}).status_code == 405 + + +def test_role_credentials_delete(client): + assert client.delete(api.url_for(RoleViewCredentials, role_id=1)).status_code == 405 + + +def test_role_credentials_patch(client): + assert client.patch(api.url_for(RoleViewCredentials, role_id=1), 
{}).status_code == 405 + + +def test_user_roles_get(client): + assert client.get(api.url_for(UserRolesList, user_id=1)).status_code == 401 + + +def test_user_roles_post(client): + assert client.post(api.url_for(UserRolesList, user_id=1), {}).status_code == 405 + + +def test_user_roles_put(client): + assert client.put(api.url_for(UserRolesList, user_id=1), {}).status_code == 405 + + +def test_user_roles_delete(client): + assert client.delete(api.url_for(UserRolesList, user_id=1)).status_code == 405 + + +def test_user_roles_patch(client): + assert client.patch(api.url_for(UserRolesList, user_id=1), {}).status_code == 405 + + +def test_authority_roles_get(client): + assert client.get(api.url_for(AuthorityRolesList, authority_id=1)).status_code == 401 + + +def test_authority_roles_post(client): + assert client.post(api.url_for(AuthorityRolesList, authority_id=1), {}).status_code == 405 + + +def test_authority_roles_put(client): + assert client.put(api.url_for(AuthorityRolesList, authority_id=1), {}).status_code == 405 + + +def test_authority_roles_delete(client): + assert client.delete(api.url_for(AuthorityRolesList, authority_id=1)).status_code == 405 + + +def test_authority_roles_patch(client): + assert client.patch(api.url_for(AuthorityRolesList, authority_id=1), {}).status_code == 405 + + +VALID_USER_HEADER_TOKEN = { + 'Authorization': 'Basic ' + 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE0MzUyMzMzNjksInN1YiI6MSwiZXhwIjoxNTIxNTQ2OTY5fQ.1qCi0Ip7mzKbjNh0tVd3_eJOrae3rNa_9MCVdA4WtQI'} + + +def test_auth_role_get(client): + assert client.get(api.url_for(Roles, role_id=1), headers=VALID_USER_HEADER_TOKEN).status_code == 400 + + +def test_auth_role_post_(client): + assert client.post(api.url_for(Roles, role_id=1), {}, headers=VALID_USER_HEADER_TOKEN).status_code == 405 + + +def test_auth_role_put(client): + assert client.put(api.url_for(Roles, role_id=1), data={}, headers=VALID_USER_HEADER_TOKEN).status_code == 400 + + +def test_auth_role_delete(client): + assert 
client.delete(api.url_for(Roles, role_id=1), headers=VALID_USER_HEADER_TOKEN).status_code == 403 + + +def test_auth_role_patch(client): + assert client.patch(api.url_for(Roles, role_id=1), {}, headers=VALID_USER_HEADER_TOKEN).status_code == 405 + + +def test_auth_roles_get(client): + assert client.get(api.url_for(RolesList), headers=VALID_USER_HEADER_TOKEN).status_code == 200 + + +def test_auth_roles_post(client): + assert client.post(api.url_for(RolesList), {}, headers=VALID_USER_HEADER_TOKEN).status_code == 403 + + +def test_auth_role_credentials_get(client): + assert client.get(api.url_for(RoleViewCredentials, role_id=1), headers=VALID_USER_HEADER_TOKEN).status_code == 403 + + +def test_auth_role_credentials_post(client): + assert client.post(api.url_for(RoleViewCredentials, role_id=1), {}, headers=VALID_USER_HEADER_TOKEN).status_code == 405 + + +def test_auth_role_credentials_put(client): + assert client.put(api.url_for(RoleViewCredentials, role_id=1), {}, headers=VALID_USER_HEADER_TOKEN).status_code == 405 + + +def test_auth_role_credentials_delete(client): + assert client.delete(api.url_for(RoleViewCredentials, role_id=1), headers=VALID_USER_HEADER_TOKEN).status_code == 405 + + +def test_auth_role_credentials_patch(client): + assert client.patch(api.url_for(RoleViewCredentials, role_id=1), {}, headers=VALID_USER_HEADER_TOKEN).status_code == 405 + + +def test_auth_user_roles_get(client): + assert client.get(api.url_for(UserRolesList, user_id=1), headers=VALID_USER_HEADER_TOKEN).status_code == 200 + + +def test_auth_user_roles_post(client): + assert client.post(api.url_for(UserRolesList, user_id=1), {}, headers=VALID_USER_HEADER_TOKEN).status_code == 405 + + +def test_auth_user_roles_put(client): + assert client.put(api.url_for(UserRolesList, user_id=1), {}, headers=VALID_USER_HEADER_TOKEN).status_code == 405 + + +def test_auth_user_roles_delete(client): + assert client.delete(api.url_for(UserRolesList, user_id=1), headers=VALID_USER_HEADER_TOKEN).status_code 
== 405 + + +def test_auth_user_roles_patch(client): + assert client.patch(api.url_for(UserRolesList, user_id=1), {}, headers=VALID_USER_HEADER_TOKEN).status_code == 405 + + +def test_auth_authority_roles_get(client): + assert client.get(api.url_for(AuthorityRolesList, authority_id=1), headers=VALID_USER_HEADER_TOKEN).status_code == 200 + + +def test_auth_authority_roles_post(client): + assert client.post(api.url_for(AuthorityRolesList, authority_id=1), {}, headers=VALID_USER_HEADER_TOKEN).status_code == 405 + + +def test_auth_authority_roles_put(client): + assert client.put(api.url_for(AuthorityRolesList, authority_id=1), {}, headers=VALID_USER_HEADER_TOKEN).status_code == 405 + + +def test_auth_authority_roles_delete(client): + assert client.delete(api.url_for(AuthorityRolesList, authority_id=1), headers=VALID_USER_HEADER_TOKEN).status_code == 405 + + +def test_auth_authority_roles_patch(client): + assert client.patch(api.url_for(AuthorityRolesList, authority_id=1), {}, headers=VALID_USER_HEADER_TOKEN).status_code == 405 + + +VALID_ADMIN_HEADER_TOKEN = { + 'Authorization': 'Basic ' + 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE0MzUyNTAyMTgsInN1YiI6MiwiZXhwIjoxNTIxNTYzODE4fQ.6mbq4-Ro6K5MmuNiTJBB153RDhlM5LGJBjI7GBKkfqA'} + + +def test_admin_role_get(client): + assert client.get(api.url_for(Roles, role_id=1), headers=VALID_ADMIN_HEADER_TOKEN).status_code == 200 + + +def test_admin_role_post(client): + assert client.post(api.url_for(Roles, role_id=1), {}, headers=VALID_ADMIN_HEADER_TOKEN).status_code == 405 + + +def test_admin_role_put(client): + assert client.put(api.url_for(Roles, role_id=1), data={}, headers=VALID_ADMIN_HEADER_TOKEN).status_code == 400 + + +def test_admin_role_delete(client): + assert client.delete(api.url_for(Roles, role_id=1), headers=VALID_ADMIN_HEADER_TOKEN).status_code == 200 + + +def test_admin_role_patch(client): + assert client.patch(api.url_for(Roles, role_id=1), {}, headers=VALID_ADMIN_HEADER_TOKEN).status_code == 405 + + +def 
test_admin_roles_get(client): + resp = client.get(api.url_for(RolesList), headers=VALID_ADMIN_HEADER_TOKEN) + assert resp.status_code == 200 + assert resp.json['total'] > 0 + + +def test_admin_role_credentials_get(client): + assert client.get(api.url_for(RolesList), headers=VALID_ADMIN_HEADER_TOKEN).status_code == 200 + + +def test_admin_role_credentials_post(client): + assert client.post(api.url_for(RolesList), {}, headers=VALID_ADMIN_HEADER_TOKEN).status_code == 400 + + +def test_admin_role_credentials_put(client): + assert client.put(api.url_for(RolesList), {}, headers=VALID_ADMIN_HEADER_TOKEN).status_code == 405 + + +def test_admin_role_credentials_delete(client): + assert client.delete(api.url_for(RolesList), headers=VALID_ADMIN_HEADER_TOKEN).status_code == 405 + + +def test_admin_role_credentials_patch(client): + assert client.patch(api.url_for(RolesList), {}, headers=VALID_ADMIN_HEADER_TOKEN).status_code == 405 + + +def test_admin_user_roles_get(client): + assert client.get(api.url_for(UserRolesList, user_id=1), headers=VALID_ADMIN_HEADER_TOKEN).status_code == 200 + + +def test_admin_user_roles_post(client): + assert client.post(api.url_for(UserRolesList, user_id=1), {}, headers=VALID_ADMIN_HEADER_TOKEN).status_code == 405 + + +def test_admin_user_roles_put(client): + assert client.put(api.url_for(UserRolesList, user_id=1), {}, headers=VALID_ADMIN_HEADER_TOKEN).status_code == 405 + + +def test_admin_user_roles_delete(client): + assert client.delete(api.url_for(UserRolesList, user_id=1), headers=VALID_ADMIN_HEADER_TOKEN).status_code == 405 + + +def test_admin_user_roles_patch(client): + assert client.patch(api.url_for(UserRolesList, user_id=1), {}, headers=VALID_ADMIN_HEADER_TOKEN).status_code == 405 + + +def test_admin_authority_roles_get(client): + assert client.get(api.url_for(AuthorityRolesList, authority_id=1), headers=VALID_ADMIN_HEADER_TOKEN).status_code == 200 + + +def test_admin_authority_roles_post(client): + assert 
client.post(api.url_for(AuthorityRolesList, authority_id=1), {}, headers=VALID_ADMIN_HEADER_TOKEN).status_code == 405 + + +def test_admin_authority_roles_put(client): + assert client.put(api.url_for(AuthorityRolesList, authority_id=1), {}, headers=VALID_ADMIN_HEADER_TOKEN).status_code == 405 + + +def test_admin_authority_roles_delete(client): + assert client.delete(api.url_for(AuthorityRolesList, authority_id=1), headers=VALID_ADMIN_HEADER_TOKEN).status_code == 405 + + +def test_admin_authority_roles_patch(client): + assert client.patch(api.url_for(AuthorityRolesList, authority_id=1), {}, headers=VALID_ADMIN_HEADER_TOKEN).status_code == 405 + + +def test_admin_roles_crud(client): + assert client.post(api.url_for(RolesList), data={}, headers=VALID_ADMIN_HEADER_TOKEN).status_code == 400 + data = {'name': 'role', 'description': 'test'} + resp = client.post(api.url_for(RolesList), data=dumps(data), content_type='application/json', headers=VALID_ADMIN_HEADER_TOKEN) + assert resp.status_code == 200 + role_id = resp.json['id'] + assert client.get(api.url_for(Roles, role_id=role_id), headers=VALID_ADMIN_HEADER_TOKEN).status_code == 200 + resp = client.get(api.url_for(RolesList), headers=VALID_ADMIN_HEADER_TOKEN) + assert resp.status_code == 200 + assert resp.json['total'] == 2 + assert client.delete(api.url_for(Roles, role_id=role_id), headers=VALID_ADMIN_HEADER_TOKEN).status_code == 200 + resp = client.get(api.url_for(RolesList), headers=VALID_ADMIN_HEADER_TOKEN) + assert resp.status_code == 200 + assert resp.json['total'] == 1
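Review bot: The five `test_admin_role_credentials_*` tests call `api.url_for(RolesList)` instead of `RoleViewCredentials`, so the credentials endpoint is never exercised with the admin token. The only authenticated check on it is the 403 asserted for the ordinary user. Each of them should target `api.url_for(RoleViewCredentials, role_id=1)` with `headers=VALID_ADMIN_HEADER_TOKEN`, with the expected status codes taken from the view's actual behaviour; the `400` asserted for POST looks like it belongs to `RolesList`. Separately, `assert get(role.id) == None` in `test_crud` should use `is None`. The two wildcard imports also make it hard to see that `create`, `update`, `delete` and `get` come from `lemur.roles.service`.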