Child: [ddf08c] (diff)

Download this file

test_rest_api_tickets.py    67 lines (53 with data), 2.2 kB

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
from datetime import datetime, timedelta
from ming.orm import session
from allura import model as M
from allura.tests import decorators as td
from alluratest.controller import TestRestApiBase
class TestApiTicket(TestRestApiBase):
def set_api_ticket(self, expire=None):
if not expire:
expire = timedelta(days=1)
api_ticket = M.ApiTicket(user_id=self.user._id, capabilities={'import': ['Projects','test']},
expires=datetime.utcnow() + expire)
session(api_ticket).flush()
self.set_api_token(api_ticket)
def test_bad_signature(self):
self.set_api_ticket()
r = self.api_post('/rest/p/test/wiki/', api_signature='foo')
assert r.status_int == 403
def test_bad_token(self):
self.set_api_ticket()
r = self.api_post('/rest/p/test/wiki/', api_key='foo')
assert r.status_int == 403
def test_bad_timestamp(self):
self.set_api_ticket()
r = self.api_post('/rest/p/test/wiki/', api_timestamp=(datetime.utcnow() + timedelta(days=1)).isoformat())
assert r.status_int == 403
def test_bad_path(self):
self.set_api_ticket()
r = self.api_post('/rest/1/test/wiki/')
assert r.status_int == 404
r = self.api_post('/rest/p/1223/wiki/')
assert r.status_int == 404
r = self.api_post('/rest/p/test/12wiki/')
assert r.status_int == 404
def test_no_api(self):
self.set_api_ticket()
r = self.api_post('/rest/p/test/admin/')
assert r.status_int == 404
@td.with_wiki
def test_project_ping(self):
self.set_api_ticket()
r = self.api_get('/rest/p/test/wiki/Home/')
assert r.status_int == 200
assert r.json['title'] == 'Home', r.json
def test_project_ping_expired_ticket(self):
self.set_api_ticket(timedelta(seconds=-1))
r = self.api_post('/rest/p/test/wiki/')
assert r.status_int == 403
@td.with_tool('test/sub1', 'Wiki', 'wiki')
def test_subproject_ping(self):
self.set_api_ticket()
r = self.api_get('/rest/p/test/sub1/wiki/Home/')
assert r.status_int == 200
assert r.json['title'] == 'Home', r.json